Welcome to the Security Forum Risk Management Web pageMembers - please Log in to see the existing draft deliverables and current work in progress.
Management of risk is an essential part of the security practitioner’s work – assessing risk and vulnerability relative to the security, safety, and dependability of IT systems, to enable business managers to arrive at optimum business risk decisions.
We are developing the FAIR (Factor Analysis for Information Risk) approach, which takes a completely fresh analysis of the true factors affecting risk evaluations and in doing so clarifies traditional (confusing) risk management terminology.
This Risk Management project targets two firm deliverables plus a third proposed deliverable:
• A standard which defines a rigorous Risk Taxonomy
• A standard for Risk Assessment Methodologies
• A recommended Risk Assessment Methodology and Cookbook |
|
|
|
|
Contacts |
|
|
http://www.opengroup.org/nospam?webemail-securityforum |
|