Example of threat evaluation (taken from the Internet):
The methodology that we created as a team, includes the basic principles of risk management. I've used some references such as NIST-800-30 special publication (Risk Management Guide for Information Technology Systems), ISO/IEC 27005:2008 Information technology - Security techniques - Information security risk management and many others documents widespread on the Internet !
Finally, a few moments ago I optimized an excel formula to automate the process of THREATS valuation using their impacts and likelihoods. First, I tried this one:
But... It's too long, and excel sends u a syntax error. So, I exercised my mind and I could make it easier taking leverage of the boolean operators OR() and AND() as well as nested IF() statements.
Works fine !, not a big deal though. As you can see, this is something VERY VERY simple, but I'm pr0ud of my newbie Excel Skillz jajaj :D...
Have fun ! ;)