Riskikohteiden

Riskikohteiden, or risk targets, are the assets, systems, people, processes, and information that could suffer harm if exposed to threats and vulnerabilities. They form the focal point of risk assessment and risk management because the severity of risk is determined by the value of the target, the likelihood of threat occurrence, and the potential impact.

In risk management, risk targets are identified through asset inventories and business impact analyses. They are

Examples of risk targets include physical infrastructure such as facilities and equipment; information assets such as

Management of risk targets involves selecting and implementing controls to reduce either the likelihood of a

The concept is integrated into widely used frameworks such as ISO 31000, ISO 27001, and NIST guidelines,