Security Risk Assessment
IT IT Ops Executive
The prompt
Conduct a security risk assessment.
Org type: {{size_industry_data_types_handled}}
Critical systems: {{list_most_important}}
Current controls: {{firewalls_mfa_endpoint_protection_etc}}
Recent incidents: {{any_in_the_past_year}}
Regulatory requirements: {{soc_2_hipaa_pci_gdpr}}
Please produce:
1. Threat inventory: most likely attack vectors for an org like ours
2. For each: likelihood and impact (Low/Med/High/Critical)
3. Risk matrix: which to address first
4. Top 5 security gaps based on current controls
5. Quick wins (implementable in 30 days)
6. Longer-term investments to prioritise