Penetration Testing mailing list archives

Re: Is there any way to measure IT Security??

From: "Larry Marin (Irony Account)" <irony () trini org>
Date: Thu, 28 Jul 2005 12:29:57 -0400

You should check out NSA IAM/IEM Methodology...it works well for me.
http://www.iatrp.com/iam.cfm


Toto A Atmojo wrote:

Dear all,

Currently I’m looking for a tool, or a technique to measure IT security?
The baseline for security is CIA (Confidentiality, Integrity andAvailability), that is every organization which want to called securemust be guarantee that their system comply this matter.
But the problem is, we need a tool/technique to measure how secure arewe. Therefore, wee need a tool/technique to measure how close that oursystem status now to CIA.
Please share your experience about this matter.
If there any link about this issue, I really appreciate if you shareto us (You may contact me privately) .
Best Regs,

Toto

Current thread:

Re: Is there any way to measure IT Security?? Larry Marin (Irony Account) (Jul 28)
- RE: Is there any way to measure IT Security?? Jose Varghese (Jul 29)
- <Possible follow-ups>
- RE: Is there any way to measure IT Security?? Craig Wright (Jul 28)