There are multiple useful techniques. Good starting point would be:
- Cause-and-Effect Analysis – which enables you to identify a root cause,
- Fault-Tree Analysis – exploring events which may lead to a top-level event. And then analysing reasons for those events to happen.
- Sensitivity Analysis – assessing which risk factor might have the biggest impact.
There are several questions which you should ask when analyzing Log Data.
- Are the controls operating correctly?
- Is the level of risk acceptable?
- Are the controls aligned with the risk strategy, business strategy and key priorities?
- Are the controls flexible enough to meet changing threats?
- Are the correct risk data being provided in a timely manner?
- Is the risk-management effort benefitting corporate objectives (or at minimum not hindering them)?
- Is awareness of risk a compliance requirement reflected in user behavior?