Wentz’s Risk Model incorporates the Peacock Model, the Onion Model, the Ring Model, and the Concept of Neutral Risk.
The Concept of Neutral Risk, based on the risk definition of ISO 31000, introduces the business mindset of seizing opportunities and avoiding threats to highlight that information security is not only a business enabler but also a business driver.
The Peacock Model is a notion of information systems that extends the definition defined by 44 U.S.C, Sec 3502. The Onion Model denotes the concept of layered defense or defense in depth.
The Ring Model is derived from the NIST Generic Risk Model to specify risk in the context of information security.