Security Basics mailing list archives
Re: Risk methodologies
From: "Anestis Demopoulos" <anesde () gmail com>
Date: Wed, 11 Apr 2007 10:38:19 +0300
You can also check the BS7799 approach to Risk Assessment. It combines assets value & threats and vulnerabilities values to assess the risk per asset. Regards, Anestis On 4/10/07, Huyser, Brad [IDCU] <Brad.Huyser () iacudiv state ia us> wrote:
Two of them that I can think of right are the OCATAVE-S (http://www.cert.org/octave/osig.html) and the STAR methodology (http://security.vt.edu/playitsafe/index.php) Brad -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of offset Sent: Monday, April 09, 2007 2:50 PM To: security-basics () securityfocus com Subject: Risk methodologies I'm currently researching Risk methodologies (more aligned with IT risk). I know of the NIST publication sp800-30. Are there any other resources/papers that I could research to get different perspectives? Thanks in advance, offset
Current thread:
- Risk methodologies offset (Apr 09)
- RE: Risk methodologies Huyser, Brad [IDCU] (Apr 10)
- Re: Risk methodologies Anestis Demopoulos (Apr 11)
- <Possible follow-ups>
- Re: RE: Risk methodologies svavar (Apr 11)
- RE: Risk methodologies Huyser, Brad [IDCU] (Apr 10)