http://www.ism-community.org/blogs/riskmanagementblog/default.aspxenCommunityServer 2007 (Build: 20423.869)http://www.ism-community.org/blogs/riskmanagementblog/archive/2007/06/21/getting-back-on-the-horse.aspx#1072Sat, 22 May 2010 21:56:11 GMTb96df89b-40a7-4829-bad0-5e17a7c202b4:1072janko<p>It is good you are back on the horse! hh: )</p> <img src="http://www.ism-community.org/aggbug.aspx?PostID=1072" width="1" height="1">http://www.ism-community.org/blogs/riskmanagementblog/archive/2007/07/11/risk-assessment-methodology-update.aspx#1062Tue, 02 Dec 2008 15:09:05 GMTb96df89b-40a7-4829-bad0-5e17a7c202b4:1062ebellis<p>Any thoughts of getting this back up and running? The content is getting a little stale,I'd be happy to help out where I can.</p> <img src="http://www.ism-community.org/aggbug.aspx?PostID=1062" width="1" height="1">http://www.ism-community.org/blogs/riskmanagementblog/archive/2007/05/02/state-of-risk-management-in-ism-community.aspx#978Sat, 23 Jun 2007 00:11:58 GMTb96df89b-40a7-4829-bad0-5e17a7c202b4:978rybolov<p>Yes sir. &nbsp;There are many ways to &quot;skin a cat&quot; but basically most risk management methodologies are the same at the core. =)</p> <img src="http://www.ism-community.org/aggbug.aspx?PostID=978" width="1" height="1">http://www.ism-community.org/blogs/riskmanagementblog/archive/2007/05/02/state-of-risk-management-in-ism-community.aspx#977Fri, 22 Jun 2007 20:12:14 GMTb96df89b-40a7-4829-bad0-5e17a7c202b4:977erichnewell<p>So as to not re-invent the wheel, be sure to look at the IAM and IEM produced by the NSA.</p> <p>Developed in 1998, the National Security Agency INFOSEC Assessment Methodology is pretty robust and still relevant. The book &lt;i&gt;&quot;Security Assessment: Case Studies for Implementing the NSA IAM&quot;&lt;/i&gt; covers the NSA IAM in a logical progression and draws from 800-30 among others.</p> <p>I recommend it highly along with the NSA IEM as well.</p> <p>Drawing from these to bodies should go a long way towards development of a heuristic methodology.</p> <img src="http://www.ism-community.org/aggbug.aspx?PostID=977" width="1" height="1">http://www.ism-community.org/blogs/riskmanagementblog/archive/2007/06/21/getting-back-on-the-horse.aspx#973Fri, 22 Jun 2007 05:49:13 GMTb96df89b-40a7-4829-bad0-5e17a7c202b4:973ISM RA Methodology « Mark Curphey - SecurityBuddha.com<p>Pingback from &nbsp;ISM RA Methodology &amp;laquo; Mark Curphey - SecurityBuddha.com</p> <img src="http://www.ism-community.org/aggbug.aspx?PostID=973" width="1" height="1">http://www.ism-community.org/blogs/riskmanagementblog/archive/2007/06/21/getting-back-on-the-horse.aspx#971Fri, 22 Jun 2007 05:44:42 GMTb96df89b-40a7-4829-bad0-5e17a7c202b4:971mcurphey<p>File upload works. It was your user error ;-)</p> <img src="http://www.ism-community.org/aggbug.aspx?PostID=971" width="1" height="1">http://www.ism-community.org/blogs/riskmanagementblog/archive/2007/06/21/getting-back-on-the-horse.aspx#966Fri, 22 Jun 2007 02:51:26 GMTb96df89b-40a7-4829-bad0-5e17a7c202b4:966The Guerilla CISO » Blog Archive » Call for Volunteers<p>Pingback from &nbsp;The Guerilla CISO &nbsp;&amp;raquo; Blog Archive &nbsp; &amp;raquo; Call for Volunteers</p> <img src="http://www.ism-community.org/aggbug.aspx?PostID=966" width="1" height="1">http://www.ism-community.org/blogs/riskmanagementblog/archive/2007/05/02/state-of-risk-management-in-ism-community.aspx#795Wed, 02 May 2007 16:54:35 GMTb96df89b-40a7-4829-bad0-5e17a7c202b4:795mcurphey<p>Superb Monsieur Guerilla.</p> <p>I think you are spot on about the lack of simple tools to support RA.</p> <p>Also it may be worth us digging up the list we came uo with of the Current Issues with RA. If I recall there was a uninimous vote for something that was super fast and reasonably accurate (qualitative) rather than something that took a while to compute and was better.</p> <img src="http://www.ism-community.org/aggbug.aspx?PostID=795" width="1" height="1">