Risk analysis on our infrastructure

Analyse the risks the project is facing and prioritise mitigations.
Loosely based on OCTAVE/Allegro, this would involve:

identifying assets and their criteria (confidentiality/availability/integrity)
establishing threat trees
calculate risks as the product of probability and impact of threat scenario’s
identify possible mitigations and their cost
prioritise mitigations as a function of risk-reduction and cost

Related issues

Blocks #13284
Blocked by #15096
Blocks #9802
Blocks #16956

Original created by @groente on 15097 (Redmine)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information