The following are additional materials that may be of interest. The first set of materials documents the results of the MSCE project. The next set of materials provides the primary references for the more traditional risk management approaches. The final set provides additional links to other risk-related work at the SEI.

Mission Risk Diagnostic (MRD) Method Description

A Framework for Categorizing Key Drivers of Risk

Risk Management Framework

Preview of the Mission Assurance Analysis Protocol (MAAP)

Mission Assurance Analysis Protocol (MAAP): Assessing Risk

Lessons Learned Applying the Mission Diagnostic

Common Elements of Risk

Traditional Risk Management

Continuous Risk Management Guidebook

Software Risk Evaluation (SRE) Method Description (Version 2.0)

An Introduction to Team Risk Management

A Collaboration in Implementing Team Risk Management

Other Risk-Related SEI work

Learn more about the three Operationally Critical threat, Asset, and Vulnerability Evaluation (OCTAVE) methods.

Architecture Tradeoff Analysis Method (ATAM) 

Identifying Commercial Off-the-Shelf (COTS) Product Risks: The COTS Usage Risk Evaluation 

Supply chain risk management:  Software Supply Chain Risk Management: From Products to Systems of Systems