Severity matrix (rows: Impact, columns: Likelihood)

Impact \ Likelihood    High (H)     Medium (M)    Low (L)
High (H)               Critical     Major         Moderate
Medium (M)             Major        Moderate      Minor
Low (L)                Moderate     Minor         Insignificant

Severity Levels:

  • Critical: Severe and widespread impact, potentially causing irreversible damage to the organization.
  • Major: Significant impact requiring immediate attention and substantial resources for recovery.
  • Moderate: Noticeable impact but manageable, requiring a focused response to prevent escalation.
  • Minor: Limited impact with the potential for resolution without significant disruption.
  • Insignificant: Negligible impact, unlikely to cause any noticeable harm.

Example Assessments based on incident categorization

Each category below is given as (Impact, Likelihood). The severity assigned to the category is read from the matrix above; the sub-points only explain why that impact and likelihood level were chosen.

  1. Unauthorized Access to Information (H, M):
    1. High Impact: sensitive information is disclosed or altered.
    2. Medium Likelihood: attempts are frequent but not always successful.
    3. Matrix rating: Major.
  2. Compromise (H, H):
    1. High Impact: an attacker gains control of a system or account.
    2. High Likelihood: a constant threat as attacker tactics keep evolving.
    3. Matrix rating: Critical.
  3. Intrusion Attempts (M, H):
    1. Medium Impact: limited harm while the attempt fails; a successful attempt is assessed as a Compromise instead.
    2. High Likelihood: attempts are frequent because most are automated.
    3. Matrix rating: Major.
  4. Denial of Service (H, M):
    1. High Impact: services are unavailable for the duration of a successful attack.
    2. Medium Likelihood: DDoS tooling is widely available.
    3. Matrix rating: Major.
  5. Fraud (M, H):
    1. Medium Impact: financial loss and reputational damage.
    2. High Likelihood: attempts are frequent, especially through phishing.
    3. Matrix rating: Major.
  6. Information Gathering (L, M):
    1. Low Impact: little direct harm, but reconnaissance can precede other attacks.
    2. Medium Likelihood: occasional scanning and reconnaissance attempts.
    3. Matrix rating: Minor.
  7. Abusive Content (M, L):
    1. Medium Impact: reputational damage.
    2. Low Likelihood: infrequent, but damaging when it does occur.
    3. Matrix rating: Minor.
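The matrix and the category ratings above, encoded so that an incident queue can be rated and ordered consistently. This is an added example, not code from the original page; the `Incident` class, the ticket identifiers and the sample queue are constructed for illustration, and the per-incident `impact` and `likelihood` overrides are an assumption about how an analyst would adjust a category default for a specific case.

```python
"""Impact x Likelihood severity matrix applied to an incident queue (added example)."""
from dataclasses import dataclass
from typing import List, Optional, Tuple

LEVELS = ("L", "M", "H")  # ordered low -> high

# Row = impact, column = likelihood, exactly as in the matrix above.
MATRIX = {
    "H": {"H": "Critical", "M": "Major",    "L": "Moderate"},
    "M": {"H": "Major",    "M": "Moderate", "L": "Minor"},
    "L": {"H": "Moderate", "M": "Minor",    "L": "Insignificant"},
}

# Higher rank = handled first when ordering a queue.
SEVERITY_RANK = {"Critical": 4, "Major": 3, "Moderate": 2, "Minor": 1, "Insignificant": 0}

# (impact, likelihood) defaults for the seven incident categories listed above.
CATEGORY_RATINGS = {
    "Unauthorized Access to Information": ("H", "M"),
    "Compromise": ("H", "H"),
    "Intrusion Attempts": ("M", "H"),
    "Denial of Service": ("H", "M"),
    "Fraud": ("M", "H"),
    "Information Gathering": ("L", "M"),
    "Abusive Content": ("M", "L"),
}


def rate(impact: str, likelihood: str) -> str:
    """Return the severity word for an (impact, likelihood) pair; reject unknown levels."""
    if impact not in LEVELS or likelihood not in LEVELS:
        raise ValueError(f"levels must be one of {LEVELS}: got {impact!r}, {likelihood!r}")
    return MATRIX[impact][likelihood]


@dataclass(frozen=True)
class Incident:
    """A queued incident (hypothetical structure, not from the page)."""
    ticket: str
    category: str
    impact: Optional[str] = None       # analyst override of the category default
    likelihood: Optional[str] = None   # analyst override of the category default


def severity(inc: Incident) -> str:
    """Rate one incident: category default, unless the analyst overrode a level."""
    default_impact, default_likelihood = CATEGORY_RATINGS[inc.category]
    return rate(inc.impact or default_impact, inc.likelihood or default_likelihood)


def category_severities() -> dict:
    """Severity of every category at its default levels, as read from the matrix."""
    return {name: rate(i, l) for name, (i, l) in CATEGORY_RATINGS.items()}


def triage(incidents: List[Incident]) -> List[Tuple[str, str]]:
    """Return (ticket, severity) most severe first; equal severities keep arrival order."""
    rated = [(inc.ticket, severity(inc)) for inc in incidents]
    return sorted(rated, key=lambda ts: -SEVERITY_RANK[ts[1]])  # sorted() is stable


# Constructed sample queue; INC-3 shows an analyst lowering impact for an outage
# confined to a non-production host.
SAMPLE_QUEUE = [
    Incident("INC-1", "Information Gathering"),
    Incident("INC-2", "Compromise"),
    Incident("INC-3", "Denial of Service", impact="L"),
    Incident("INC-4", "Fraud"),
]

if __name__ == "__main__":
    for ticket, sev in triage(SAMPLE_QUEUE):
        print(f"{ticket}: {sev}")
```

Note that `rate("H", "M")` yields Major, not Critical: the matrix, not the descriptive wording of an incident, decides the severity, which is what keeps two analysts rating the same incident the same way.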