Harmonized Threat/Risk Assessment (HTRA)

Harmonized Threat and Risk Assessment (HTRA) Workshop Description

Security specialists from public and private sectors must be able to make informed decisions about security and recommend appropriate, cost-effective safeguards to mitigate unacceptable risks. The ERO security HTRA workshop comprises extensive instruction on the five (5) phases of the HTRA methodology. Candidates will, under the instruction of industry leading HTRA practitioners, learn to apply the HTRA methodology and relate it to their specific requirements.

Topics include:

▪ Overview of the HTRA

▪ Preparation Phase (Including TRA work plan)

▪ How to evaluate assets identified within the scope

▪ Identify and assess threat levels

▪ Recognize and evaluate vulnerabilities in safeguards, and vulnerabilities in asset

attributes as well as the environment

▪ Calculate residual risk and identify unacceptable residual risk levels

▪ Make recommendations to mitigate the residual risk and calculate the projected

residual risks having consideration for the recommended security control measures.

▪ Prepare and present a comprehensive TRA report including an executive summary.


The HTRA Methodology was created by the Government of Canada with consideration for all employees, assets and services at risk. It examines probable, deliberate, accidental and natural threats and examines them against the existing, protection, detection and response security control measures for probability of compromise and severity of outcome. It is very scalable and is integrated with project management methodologies and system development life cycles.