On this page, you can define the measurement method to use when evaluating the Controls for Event Vulnerabilities (by Control).
This is found on CONTROLS > Measure > Measurement Methods > for Controls for EVent Vulnerabilities (by Control).
From the grid above, you can assign the measurement method to use when evaluating the selected control to mitigate the vulnerabilities of the events due to Threats/Sources.
You can select another control using the "Select a control:" dropdown:
The Events are listed as rows under the "Event Name" column, and the succeeding column headings to the right are the Hierarchy of Sources. The intersecting cell of the event(row) and the covering sources (column) is where you can define the measurement method.
You can only assign measurement methods for the controls that are previously identified to reduce the given event's vulnerabilities. The control identification is done from the Controls > Identify> Controls for Event Vulnerabilities page. Those un-assigned controls to the selected Event are disabled or greyed out.
From below, the selected control "Monitoring Gate System" is a potential control to reduce the vulnerability of the event "Late Train Running" given the source "Disregarding or Not Following Proper Policies, Processes, or Procedures", thus the measurement method dropdown selection is available.
You can select from four possible methods:
All the measurement methods except Direct have a measuring default scale which is already defined by Riskion.
