I wouldn’t say you get me, but from what you’ve written here’s it’s manifestly evident that you get it.

Specifically:
“If Severity were a question, it would be “How bad is this if it happens?”
If Significance were a question, it would be “How likely is this to occur?””

I don’t imagine google will show many results, but it might show some … if you search for “MIL-SPEC FMECA” you’ll find a huge expansion on what you sketched out so elementally.
“Failure Modes; Effects Criticality Analysis”. (An amazing coincidence: just this evening I was bringing to mind the graphing technique it uses … in case I get a gig with Odyssey X-Prize … it’s that sorta ball-busting heavy-lifting that calls for such as FMECA.)

A graph … on one axis? Ayup, probability (“likelihood”). The other axis? Right again … severity.

Break the system down into parts (“lowest-replacable module” is the convention) and figure out how it goes wrong … make a list … how likely … how nasty … graph the points.
*Hey Presto!* An immediate representation of how much shit you’re in where you’d best concentrate your efforts.

how glad I dropped by!

ben

No – I’m not saying that our product sets out to solve the problem, (although it might be able to help some) – what I’m saying is that there’s a difference between security and secrecy.

As you say, security is very important. Securing information from unwanted people outside your organization is definitely important. But, I think that in the majority of cases, securing it from people within your organization isn’t – and in practice, it might do you more harm than good…

Gordon I agree. Security is Hard .. BUT very important.. So what your telling us is that your product will allow us to have a document seen by the only needed partys but seting that up will be easy..

As you said before I call shenanigan