## 20160308 AK
----
 [[Risk/CZ|česky]] | '''english'''
----
= Risk =
This page describes and references Risk Management and Risk Analysis approaches.

== Our Work ==

 * [[RiskAssessment]] is a 2009 effort by Daniel Black.
 * [[https://svn.cacert.org/CAcert/SecurityManual/RiskAnalysis.pdf|CAcert Threat Model]] is a 2008 effort by [[Philipp Güring]].
 * ''CAcert Root Key Security Risk Analysis'' (forthcoming) is a 2011-2012 effort by [[Iang]].
 * [[Risk/History]] provides a list of attacks against CAs, for the purpose of validating Threats.
 * [[Risks/SecretCells]] provides background on our experiences and responses to what is also known as the ''cooperative endpoint''.

== Useful external references ==

 * [[http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf|Risk Management Guide for Information Technology Systems]]

----

 . CategoryAudit