The Vulnerability Self Assessment (VSAT™) methodology and software provides a structured, cost-effective approach for organizations to assess their vulnerabilities and to establish a risk-based methodology for making necessary changes. The VSAT™ methodology groups an organization’s assets into the classes of People (Staff), Physical Plant, Knowledge Base, Information Technology Platform, and Customers. VSAT™ is based on qualitative risk assessment techniques and supports baseline vulnerability analysis as well as security improvement analysis that helps managers choose new countermeasures to reduce vulnerability. Perhaps most importantly, VSAT™ assists in the management decision process by enabling managers to trade-off cost for risk.
The methodology and software are flexible, customizable, and user friendly. VSAT™ software is equally applicable to deliberately caused or natural disasters. In addition to a library of prototypical assets, included in the software application are threat and countermeasure libraries. As users proceed through self-assessments, VSAT™ automatically documents the analysis process during each step. VSAT™ helps users identify critical asset(s) and potential single points of failure.
The VSAT™ process culminates in a series of risk-reduction-cost reports that presents findings in clear and concise ways. This is important, because the goal is business continuity and, at the end of the day, VSAT™ provides solutions that enable utilities to mitigate risks of business interruptions at least cost.