This document from the ATIS Cybersecurity Ad Hoc outlines a process for performing an Architectural Risk Analysis (ARA) on ICT solutions for the purpose of enabling the proactive development of cybersecurity risk management steps for these solutions. This process includes procedures to determine security goals, identify and assess potential risks, and develop proactive steps to mitigate identified risks.