ciso-assistant-basic-risk-assessment


Guide users through a basic risk assessment workflow in CISO Assistant, from asset identification to scenario creation. Use when: (1) User wants to start a risk assessment from scratch (2) User mentions "risk assessment", "identify risks", "threat scenarios", or "risk register" (3) User asks about qualitative vs quantitative risk approaches (4) User needs help identifying assets, threats, or creating risk scenarios Covers: risk approach selection (qualitative/quantitative), organizational context gathering, asset identification (primary/supporting), threat catalog usage, scenario generation from threat-asset combinations, risk assessment/study creation.

Install

mkdir -p .claude/skills/ciso-assistant-basic-risk-assessment && curl -L -o skill.zip "https://mcp.directory/api/skills/download/3467" && unzip -o skill.zip -d .claude/skills/ciso-assistant-basic-risk-assessment && rm skill.zip

Installs to .claude/skills/ciso-assistant-basic-risk-assessment

About this skill

CISO Assistant Basic Risk Assessment

Guide users through risk assessment setup using MCP server tools.

Prerequisites

  1. Verify MCP server connectivity - Test with get_folders()
  2. Backend must be running - CISO Assistant backend at configured URL
  3. If MCP tools unavailable - Fall back to direct API calls (see bootstrap skill)

Key Principles

Always Pass folder_id for Scoping

When creating objects, always pass folder_id to scope lookups and avoid ambiguity errors when objects with the same name exist in different folders.

# CORRECT - folder_id scopes all lookups to ACME folder
create_risk_scenario(
  name="Ransomware on Customer Data",
  risk_assessment_id="ACME Risk Assessment 2025",
  folder_id="ACME",  # <- Scopes asset/threat lookups
  assets=["Customer Data"],
  threats=["Ransomware"],
  threat_library="urn:intuitem:risk:library:intuitem-common-catalog"
)

Always Use threat_library for Threat Lookups

Threats exist in multiple libraries (intuitem catalog, MITRE ATT&CK, etc.). Always specify the library:

threat_library="urn:intuitem:risk:library:intuitem-common-catalog"

Include Relevance in Scenario Descriptions

Always explain why a scenario matters for this specific organization:

"Ransomware attack encrypting customer data, leading to service disruption.
Relevance: GDPR breach implications with mandatory 72-hour notification
and potential fines up to 4% of annual revenue."

Workflow

Step 1: Choose Risk Approach

Ask the user which approach they prefer:

| Approach | Description | Best For |
|---|---|---|
| Qualitative | Probability/impact scales (Low/Medium/High), 4x4 or 5x5 matrix | Initial assessments, stakeholder communication |
| Quantitative | Monetary values, Monte Carlo simulations, ALE calculations | Mature orgs, budget justification, executive reporting |

Step 2: Gather Organizational Context

Ask about:

  • Industry: healthcare, financial, tech/SaaS, retail, manufacturing, government
  • Size: small (1-50), medium (50-500), large (500+)
  • Region: for regulatory context (EU → GDPR, US healthcare → HIPAA, etc.)
  • Cloud: AWS/Azure/GCP, SaaS-heavy or on-premise
  • Compliance: specific requirements (HIPAA, PCI-DSS, GDPR, SOC2, ISO 27001)

Step 3: Create Domain and Perimeter

# 1. Create folder (domain)
create_folder(name="ACME", description="ACME Corp - Tech/SaaS, EU-based")

# 2. Create perimeter (assessment scope)
create_perimeter(name="ACME Platform", folder_id="ACME")

Step 4: Identify and Create Assets

Use references/typical-assets.md to suggest assets based on context.

Primary Assets (PR) - Business value:

  • Customer/employee data, financial records, source code, API keys/secrets

Supporting Assets (SP) - Infrastructure:

  • Cloud infrastructure, databases, CI/CD pipeline, email, endpoints

# Create assets - always pass folder_id
create_asset(name="Customer Data", description="Customer PII - GDPR relevant",
             asset_type="PR", folder_id="ACME")
create_asset(name="Production Database", description="Primary data storage",
             asset_type="SP", folder_id="ACME")

Step 5: Import Threat Catalog

# Import the intuitem common catalog (23 threats)
import_stored_library("urn:intuitem:risk:library:intuitem-common-catalog")

# Verify threats are available
get_threats(library="urn:intuitem:risk:library:intuitem-common-catalog")

Step 6: Generate Scenario Suggestions

Use the Threat-Asset Relevance Matrix in references/typical-assets.md to suggest the most relevant threat-asset combinations.

Naming convention: [Threat] on [Asset]

  • "Ransomware on Customer Data"
  • "Phishing targeting Employees"
  • "Cloud Misconfiguration"

Present top 10-15 combinations and let user select which to create.
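Step 6 and the folder_id principle, as an added stand-alone Python example (not part of the skill): it derives "[Threat] on [Asset]" suggestions from the Threat Catalog Quick Reference table and the assets created in Step 4, scoped to one folder. The asset inventory and the word-overlap scoring are constructed assumptions; the skill itself uses references/typical-assets.md, which is not reproduced on this page.

```python
import re

THREAT_LIBRARY = "urn:intuitem:risk:library:intuitem-common-catalog"

# Threat -> typical target assets, transcribed from the Threat Catalog Quick Reference.
THREAT_TARGETS = {
    "Ransomware": ["Customer Data", "Databases", "File Storage"],
    "Phishing": ["Employee Endpoints", "Corporate Email"],
    "Data Breach/Leak": ["Customer Data", "Source Code", "API Keys"],
    "Cloud Security Threats": ["Cloud Infrastructure", "SaaS Apps"],
    "API Security Threats": ["Application Code", "API Gateway"],
    "Insider Threats": ["API Keys/Secrets", "Source Code"],
    "Supply Chain Attacks": ["CI/CD Pipeline", "Dependencies"],
    "Password Attacks": ["Corporate Email", "Admin Accounts"],
    "System Outage": ["Production Database", "Core Services"],
    "Regulatory Non-Compliance": ["Customer Data"],
    "Social Engineering": ["Employee Endpoints", "Finance Team"],
}

# Constructed inventory of (name, asset_type, folder_id) as created in Step 4.
# "Customer Data" exists in two folders on purpose: the ambiguity folder_id resolves.
ASSETS = [
    ("Customer Data", "PR", "ACME"),
    ("Source Code", "PR", "ACME"),
    ("Production Database", "SP", "ACME"),
    ("Corporate Email", "SP", "ACME"),
    ("Customer Data", "PR", "Globex"),
]

def _words(label):
    # "API Keys/Secrets" -> {"api", "key", "secret"}: loose, singularised word set
    return {w.rstrip("s") for w in re.split(r"[\s/]+", label.lower()) if w}

def suggest_scenarios(assets, folder_id, limit=15):
    """Rank threat/asset pairs for one folder; returns kwargs ready for Step 8."""
    # Only assets in the requested folder are candidates (Key Principle: folder_id scoping).
    in_scope = [name for name, _type, folder in assets if folder == folder_id]
    scored = []
    for threat, targets in THREAT_TARGETS.items():
        for asset in in_scope:
            # score = words shared with the closest catalog target, so an exact match
            # outranks a partial one such as "Databases" vs "Production Database"
            score = max(len(_words(t) & _words(asset)) for t in targets)
            if score:
                scored.append((-score, f"{threat} on {asset}", asset, threat))
    scored.sort()  # best score first, then alphabetically by scenario name
    return [{"name": n, "folder_id": folder_id, "assets": [a], "threats": [t],
             "threat_library": THREAT_LIBRARY} for _s, n, a, t in scored[:limit]]
```

Each returned dict is the asset/threat part of a create_risk_scenario() call; the description with its Relevance line is still written per scenario, as the Key Principles require.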

Step 7: Create Assessment Container

For Qualitative:

# Check available matrices
get_risk_matrices()

# Use matrix UUID to avoid ambiguity
create_risk_assessment(
  name="ACME Risk Assessment 2025",
  risk_matrix_id="<matrix-uuid>",  # Use UUID from get_risk_matrices()
  perimeter_id="ACME Platform",
  folder_id="ACME",
  status="in_progress"
)

For Quantitative:

create_quantitative_risk_study(
  name="ACME Quantitative Risk Study 2025",
  folder_id="ACME",
  distribution_model="lognormal_ci90"
)

Step 8: Create Risk Scenarios

For Qualitative:

create_risk_scenario(
  name="Ransomware on Customer Data",
  description="Ransomware attack encrypting customer data. Relevance: GDPR breach with 72-hour notification requirement.",
  risk_assessment_id="ACME Risk Assessment 2025",
  folder_id="ACME",  # CRITICAL: scope lookups
  assets=["Customer Data"],
  threats=["Ransomware"],
  threat_library="urn:intuitem:risk:library:intuitem-common-catalog"
)

For Quantitative:

create_quantitative_risk_scenario(
  name="Ransomware on Customer Data",
  description="Ransomware attack... Relevance: ...",
  quantitative_risk_study_id="ACME Quantitative Risk Study 2025",
  folder_id="ACME",
  assets=["Customer Data"],
  threats=["Ransomware"],
  threat_library="urn:intuitem:risk:library:intuitem-common-catalog"
)

Step 9: Summary and Next Steps

After creating scenarios, summarize and guide on next steps:

For Qualitative:

  1. Rate probability and impact for each scenario in the UI
  2. Identify and link existing controls
  3. Plan additional controls for high-risk scenarios
  4. Review risk matrix visualization

For Quantitative:

  1. Create hypotheses with probability and impact bounds
  2. Run Monte Carlo simulations
  3. Set risk tolerance curve
  4. Analyze portfolio-level risk
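The quantitative branch (distribution_model="lognormal_ci90" in Step 7; hypotheses, Monte Carlo and the tolerance curve in Step 9), as an added stand-alone Python example that is not code from the skill or from CISO Assistant. It assumes "lognormal_ci90" means an impact distribution fitted to a stated 90% confidence interval (5th and 95th percentiles); the hypothesis values are constructed.

```python
import math
import random
from statistics import NormalDist

Z90 = NormalDist().inv_cdf(0.95)  # 1.645: a 90% interval spans the 5th..95th percentiles

def lognormal_from_ci90(low, high):
    """Fit lognormal(mu, sigma) whose 5th/95th percentiles are low/high.

    Assumed reading of distribution_model="lognormal_ci90": the analyst states
    a 90% confidence interval for the impact rather than mu and sigma directly.
    """
    if not 0 < low < high:
        raise ValueError("impact bounds must satisfy 0 < low < high")
    mu = (math.log(low) + math.log(high)) / 2  # log of the median
    sigma = (math.log(high) - math.log(low)) / (2 * Z90)
    return mu, sigma

def lognormal_quantile(mu, sigma, p):
    """Inverse CDF; used to confirm the fit reproduces the stated bounds."""
    return math.exp(mu + sigma * NormalDist().inv_cdf(p))

def expected_annual_loss(prob, low, high):
    """Closed-form ALE = P(event per year) * E[impact], E[lognormal] = exp(mu + sigma^2/2)."""
    mu, sigma = lognormal_from_ci90(low, high)
    return prob * math.exp(mu + sigma ** 2 / 2)

def simulate_annual_losses(hypotheses, years=20000, seed=1):
    """Monte Carlo: list of simulated total annual losses for a portfolio of
    (prob, low, high) hypotheses, one per quantitative risk scenario."""
    rng = random.Random(seed)
    fitted = [(p, *lognormal_from_ci90(lo, hi)) for p, lo, hi in hypotheses]
    losses = []
    for _ in range(years):
        total = 0.0
        for prob, mu, sigma in fitted:
            # each scenario independently occurs with its annual probability;
            # if it does, the loss is a lognormal draw inside its stated CI
            if rng.random() < prob:
                total += rng.lognormvariate(mu, sigma)
        losses.append(total)
    return losses

def exceedance_probability(losses, threshold):
    """One point on the loss exceedance curve: share of years with loss > threshold.
    Plotting this against the risk tolerance curve is the Step 9 comparison."""
    return sum(1 for x in losses if x > threshold) / len(losses)
```

Because the simulated mean converges to the closed-form ALE, the closed form is a useful sanity check on a study's Monte Carlo output before it is used for budget justification.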

Quick Reference

MCP Tools

| Category | Tool | Key Parameters |
|---|---|---|
| Setup | create_folder() | name, description |
| | create_perimeter() | name, folder_id |
| Assets | create_asset() | name, description, asset_type, folder_id |
| | get_assets() | folder |
| Threats | import_stored_library() | urn_or_id |
| | get_threats() | library, folder, limit |
| Qualitative | get_risk_matrices() | - |
| | create_risk_assessment() | name, risk_matrix_id, perimeter_id, folder_id |
| | create_risk_scenario() | name, description, risk_assessment_id, folder_id, assets, threats, threat_library |
| Quantitative | create_quantitative_risk_study() | name, folder_id, distribution_model |
| | create_quantitative_risk_scenario() | name, quantitative_risk_study_id, folder_id, assets, threats, threat_library |

Common Threat Library URN

urn:intuitem:risk:library:intuitem-common-catalog

Threat Catalog Quick Reference

| Threat | Typical Target Assets |
|---|---|
| Ransomware | Customer Data, Databases, File Storage |
| Phishing | Employee Endpoints, Corporate Email |
| Data Breach/Leak | Customer Data, Source Code, API Keys |
| Cloud Security Threats | Cloud Infrastructure, SaaS Apps |
| API Security Threats | Application Code, API Gateway |
| Insider Threats | API Keys/Secrets, Source Code |
| Supply Chain Attacks | CI/CD Pipeline, Dependencies |
| Password Attacks | Corporate Email, Admin Accounts |
| System Outage | Production Database, Core Services |
| Regulatory Non-Compliance | Customer Data (GDPR/HIPAA/PCI) |
| Social Engineering | Employee Endpoints, Finance Team |

Fallback: Direct API Calls

If MCP tools unavailable:

  • POST /api/folders/
  • POST /api/perimeters/
  • POST /api/assets/
  • POST /api/stored-libraries/<urn>/import/
  • POST /api/risk-assessments/
  • POST /api/risk-scenarios/
  • POST /api/crq/quantitative-risk-studies/
  • POST /api/crq/quantitative-risk-scenarios/
