The MSAT is the revised version of the Microsoft Security Risk Self-Assessment Tool (MSRSAT), released in 2004.
This Risk Assessment is based on accepted standards and best practices for helping reduce risk in IT environments. It uses the "Defense-in-Depth" (DiD) concept, which refers to the implementation of layered defenses that include technical, organizational, and operational controls.
After completing an Assessment, you will gain access to a detailed report of your results. You may also compare your results with those of your peers (by industry and company size), provided that you upload your results anonymously to the secure MSAT Web server. When you upload your data the application will simultaneously retrieve the most recent data available. To be able to provide this comparative data, we need customers such as you to upload their information. All information is kept strictly confidential and no personally identifiable information whatsoever will be sent.