Technology assets belongs to different risk profiles depending on their exposure to internet, their operating system, vulnerabilities and threats. These, in totality, represent a risk profile for the asset under evaluation. Each of these risks may be treated using a series of controls which will reduce it's risk level. The resulting risk posture may be further improved based on treatment of risks on other high-risk assets. Evidently, this is an ongoing risk management process, focusing always on the most riskier asset.
Tech. Risk Identification Tool