Table of Contents

 1     Scope          
 2     References               
 3     Definitions 
        3.1     Terms defined elsewhere        
        3.2     Terms defined in this Supplement       
 4     Abbreviations and acronyms             
 5     Conventions             
 6     Overview   
        6.1     Internal risks  
        6.2     External risks 
        6.3     Conceptual model for an IRAS function              
 7     IRAS function           
        7.1     Application service management function        
        7.2     Risk search function    
        7.3     Risk analysis function 
        7.4     Risk service profile      
 8     Execution of IRAS functions               
        8.1     Risk analysis service and user registration         
        8.2     Log-in session process               
        8.3     Risk analysis service execution               
 9     Risk analysis service procedure        
        9.1     General risk analysis service procedure             
10     Service scenarios   
       10.1     Service scenario related to external risks         
       10.2     Service scenario related to internal risks          
11     Security consideration