snoopy9438
tank
Joined: 14 Feb 2011
Posts: 2614
Read: 0 topics
Warnings: 0/10 From: England
Posted: Tue 0:04, 22 Mar 2011 Post subject: handbag clearance sale|Subconscious Learningaqz
e risks (disallowing activities that can cause risks) or by transferring the risks to third parties (like outsourcing the controls to specialist security agencies). This entire process has been termed as IT Risk Management by NIST which is now regarded as the baseline for the industry. It requires management commitment and assignment of security roles to strategic business process owners in the organization. NIST recommends that the key roles that should contribute to IRM should be Senior Management, Chief Information Officer, System/Information owners, Business Managers, Functional Managers, IT Security Officers, Security Awareness Trainers, and Internal Auditors. The risk assessment recommended by NIST is a nine-step structured analytics procedure that should be carried out by the key roles such that the outcome can be collated to form an organization-wide risk registry.

(b) ISO 27005 Standard: The ISO 27005:2008 is the formal replacement of ISO 13335-3 & ISO 13335-4:2000 which essentially recommends a 100% metrics-based evaluation of all the steps of risk assessment described in ISO 13335-3 using quantitative techniques. This standard considers Risk Management, Configuration Management and Change Management as part of an integrated yilai:
Post has been praised 0 times