Rapid Risk Assessment (RRA)
The Rapid Risk Assessment framework is licensed under the MPL and was originally created to rapidly formalize risk-based decision making (less than an hour ⏰).
The RRA is based on previous frameworks, but focuses on the social aspect of the risk discussions in order to favor good outcomes, rather than perfect outcomes.
It surfaces and mitigates important risks that matter to the team, rather than checking lists of controls.
- Even if you’re a seasoned risk professional, our Risk TL;DR may pique your interest.
- Check out the Podcasts, videos, etc. to get a feel for it!
- Read the Reference Documentation, especially RRA for services.
- Play with integrations.
Mozilla’s Information security website can be found at https://infosec.mozilla.org.
This website, reference and tools are all hosted under the MPL on https://github.com/rapidriskassessment. Please submit issues, pull-requests, etc. as necessary. You may also consult or request to participate to the high level project board or chat on Matrix.
See also CONTRIBUTORS for a list of contributors.