A hypothetical but feasible description of an IT-related event, vulnerability or threat type that can lead to a significant business impact. The synopsis is generally characterized by defining: a threat actor; asset(s) or resource(s) affected; type of and potential magnitude of the impact; time of greatest likelihood for the event to occur; and estimated time from discovery to resolution.