Sunday, June 05, 2005

Accessing and Managing Security Risks

You can use the following simple process outline for accessing and managing security risks:
  1. Set the scope.
  2. Identify assets and determines their value.
  3. Predict threats and vulnerabilities to assets.
  4. Document the security risks.
  5. Determine a risk management strategy.
  6. Monitor assets.
  7. Track changes to assets.

Adopted from the book Assessing Network Security by Ben Smith, David LeBlanc, Kevin Lam.


Post a Comment

<< Home