Table Of Contents

Chapter 1: Introduction to the Security Risk Management Guide
The Environmental Challenges
A Better Way
Microsoft Role in Security Risk Management
Guide Overview
Critical Success Factors
Next Steps
Content Overview
Tools and Templates
Executive Sponsorship
A Well-Defined List of Risk Management Stakeholders
Organizational Maturity in Terms of Risk Management
An Atmosphere of Open Communication
A Spirit of Teamwork
A Holistic View of the Organization
Authority Throughout the Process
Chapter 2: Survey of Security Risk Management Practices
The Reactive Approach
The Proactive Approach
Quantitative Risk Assessment
Qualitative Risk Assessment
Comparing the Two Approaches
Chapter 3: Security Risk Management Overview
Risk Management vs. Risk Assessment
Communicating Risk
Determining Your Organization's Risk Management Maturity Level
Defining Roles and Responsibilities
Chapter 4: Assessing Risk
Required Inputs for the Assessing Risk Phase
Participants in the Assessing Risk Phase
Tools Provided for the Assessing Risk Phase
Required Output for the Assessing Risk Phase
Alignment
Scoping
Stakeholder Acceptance
Preparing for Success: Setting Expectations
Embracing Subjectivity
Data Gathering Keys to Success
Risk Discussion Preparation
Identifying and Classifying Assets
Organizing Risk Information
Facilitating Risk Discussions
Facilitating Discussions
Defining Impact Statements
Data Gathering Summary
Primary Tasks and Deliverables
Preparing for Success
Prioritizing Security Risks
Quantifying Risk
Facilitating Success in the Conducting Decision Support Phase
Chapter 5: Conducting Decision Support
Required Input for the Conducting Decision Support Phase
Participants in the Conducting Decision Support Phase
Tools Provided for the Conducting Decision Support Phase
Required Outputs for the Decision Support Phase
Considering the Decision Support Options
Keys to Success
Step One: Defining Functional Requirements
Step Two: Identifying Control Solutions
Step Three: Reviewing the Solution Against Requirements
Step Five: Estimating Solution Cost
Step Six: Selecting the Risk Mitigation Solution
Chapter 6: Implementing Controls and Measuring Program Effectiveness
Required Input for the Implementing Controls Phase
Participants in the Implementing Controls Phase
Tools Provided for the Implementing Controls Phase
Required Outputs for the Implementing Controls Phase
Organizing the Control Solutions
Required Inputs for the Measuring Program Effectiveness Phase
Participants in the Measuring Program Effectiveness Phase
Tools Provided for the Measuring Program Effectiveness Phase
Required Outputs for the Measuring Program Effectiveness Phase
Developing Your Organization's Security Risk Scorecard
Measuring Control Effectiveness
Reassessing New and Changed Assets and Security Risks
Appendix A: Ad-Hoc Risk Assessments
Appendix B: Common Information Systems Assets
Appendix C: Common Threats
Appendix D: Vulnerabilities
Acknowledgments
The Security Risk Management Guide


Published by: dansguardian123 on Feb 29, 2012
Copyright: Attribution Non-commercial
