Weaknesses

Weaknesses explain why risk increases.

Definition

A weakness is a technical, human, procedural, architectural, or governance condition that reduces trust or resilience.

Common weakness families

| Family | Examples |
| --- | --- |
| Technical | Software flaw, insecure default, outdated component |
| Configuration | Broad access, missing logs, weak setting |
| Identity | Excess privilege, stale account, unmanaged service account |
| Process | Missing review, unclear approval, weak change control |
| Human | Error, lack of training, fatigue |
| Governance | No owner, no decision, no lifecycle process |
| Vendor | Poor oversight, missing terms, weak monitoring |

Page pattern

A weakness article should explain affected assets, related risks, safeguards, evidence, and ownership.