Professional Documents
Culture Documents
H CRAMM
CRAMM: CCTA Risk Analysis and Management Method
1987
(CCTA).
(V5.0) 2003
(V5.2) 2009
ISO 27001
..
NATO
CRAMM
CRAMM:
1.
(identification and valuation of assets)
2.
(risk analysis)
3.
(risk management)
1, 2 3
,
.
, ,
,
CRAMM
(hardware)
(hardware), (software)
(data)
1.
1.1:
1.2:
2.
(risk analysis)
2.1:
2.2:
2.3: -
2.4:
3.
(risk management)
3.1:
3.2:
1
:
1:
:
CRAMM,
, ,
CRAMM
1:
:
,
:
, ,
,
,
,
,
,
,
1:
:
1:
:
1
2
:
1
, ..
,
2:
:
:
.
,
.
,
, :
,
,
. ,
,
.
2:
:
:
(
CRAMM)
, 1 () 7
().
,
:
,
.
2:
(
1:7) :
(
1:10),
( 1:5)
( 1:3)
2:
CRAMM
:
2:
:
2
3
:
3:
,
, CRAMM,
.
2.
.
3:
.
:
3:
CRAMM
:
3:
CRAMM:
.
,
,
3:
:
1.
1.1
1.2
2.
2.1
2.2
2.3
2.4
2.5
2.6
3.
3.1
3.2
3.3
3.4
3.5
4.
4.1
4.2
4.3
5.
5.1
5.2
5.3
5.4
6.
6.1
6.2
CRAMM
(..
, ,
, ..)
CRAMM
()
(
)
CRAMM
,
..