Introduction to RATS
TL;DR
RATS stands for "Risk Assessment and Threat Scoring," a simple way to figure out how bad a problem is. You'll evaluate a problem's impact and how likely it is to happen. This helps you prioritize what to fix first.
1. The Mental Model
Imagine you have a big pile of tasks and don't know where to start. RATS helps you sort that pile by telling you which tasks are both really important and likely to go bad if you ignore them.
2. The Core Material
RATS is a framework to assess risks by scoring two main factors: Impact and Likelihood. The product of these scores gives you a Threat Score, helping you prioritize mitigation efforts.
2.1 Impact
Impact measures how severe the consequences would be if a specific problem actually occurred. Think about the damage it could cause.
You'll typically score Impact on a scale, often 1 to 5.
- 1 (Negligible): Very minor, easily fixed, almost no real consequence.
- 2 (Minor): Small inconvenience, minimal cost, easily recovered.
- 3 (Moderate): Noticeable disruption, some financial cost, might affect operations temporarily.
- 4 (Serious): Significant disruption, major financial loss, reputational damage, might require significant resources to recover.
- 5 (Catastrophic): Total failure, huge financial losses, severe reputational damage, potential legal issues, long-term or permanent damage.
2.2 Likelihood
Likelihood measures how probable it is that the specific problem will actually happen. Is it a rare event or something that occurs often?
Again, you'll score Likelihood, usually 1 to 5.
- 1 (Rare): Very unlikely to happen, almost never.
- 2 (Unlikely): Could happen, but not frequently.
- 3 (Possible): Might happen, fairly common possibility.
- 4 (Likely): High chance of happening, probably will occur.
- 5 (Almost Certain): Will almost certainly happen, common or constant.
2.3 Threat Score Calculation
Photo by Tara Winstead on Pexels
Once you have your Impact and Likelihood scores, you multiply them to get the Threat Score.
**Thre