in
All Tags » risk assessment (RSS)

Browse by Tags

  • Re: Long Security Tail

    It appears that Curphey likes The Long Tail of Security , he posted a whole series about it on his blog. Quite a little meme I've created. =)
    Posted to Risk Management (Forum) by rybolov on 08-13-2007

  • Re: What RA method is "good enough" for the GLBA examiners?

    How can the weather be “compliant” with a law or regulation? The fundamental flaw with all “compliance” regulations is the measurements that are used to assess “the weather” and more importantly the output of those assessments. The weather changes from moment to moment and so does risk of breaching the...
    Posted to Risk Management (Forum) by halon73 on 07-23-2007

  • Risk Assessment Methodology Update

    With a couple of volunteers, work on the RA Methodology has been moving forward. I spent some of the last week working on the front and back of it, adding in the niceties like the license snippet, links to other risk assessment/management guides, etc. While I can crank out the various sections myself...
    Posted to Risk Management Blog (Weblog) by rybolov on 07-11-2007

  • Re: New Glossary Term: Vulnerability

    I'm using this for the Practical Risk Assessment Methodology: Vulnerability: A flaw or weakness in system security procedures, design, implementation, or internal controls that could be exercised (accidentally triggered or intentionally exploited) and result in a security breach or a violation of...
    Posted to Commons (Forum) by rybolov on 06-25-2007

  • Getting Back on the Horse

    "First we said it was too cold and that the fish were not feeding. Then we said it was too sunny and the fish were scared. Then we discovered that the fish had gone elsewhere. When we found the fish, we started casting to them with nice juicy baitfish flies." So also is the story of the ISM...
    Posted to Risk Management Blog (Weblog) by rybolov on 06-21-2007

  • Re: What Problem Does Risk Assessment Really Solve?

    Hello to all, I just wanted to jump in with my point of view. Most organisations think they have a kind of risk management. But what they really do is patchwork. They somehow discover new threads, decide with some gut instinct what to do and by some technology, whensoever they get the budget. When asked...
    Posted to Risk Management (Forum) by Holger Reichert on 05-15-2007

  • Status of the RA Methodology?

    Michael, Whats the status of this? Are you looking for volunteers? Any ETA? Do you have a task list of whats left to be done?
    Posted to Risk Management (Forum) by mcurphey on 05-08-2007
Page 1 of 1 (7 items)
All Rights Reserved - The ISM-Community
Powered by Community Server (Commercial Edition), by Telligent Systems