Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Management
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

FW: Risk Assessment Modeling

from [Schwartz, Richard M.] Network Security [Permanent Link]
Subject: FW: Risk Assessment Modeling
Date: Thu, 19 Aug 2004 10:39:51 -0400 
Re:  Claim of FDIC Approval

Dear Sir or Madam:

It has come to the attention of the Federal Deposit Insurance Corporation
("FDIC") that you are representing to the public that Encierro Solutions'
Matador system has received "the approval" of the FDIC.  This representation
is displayed in the email attached below.  

We are not aware of any evidence that the FDIC has, in any way, approved of
the product, and, as such, we believe that your representation is false.  

Without supporting evidence of "approval," the FDIC strongly objects to the
representation. You should take immediate steps to remove any reference to
FDIC approval from published materials both online and in hard copy.

If you can not provide supporting material demonstrating FDIC "approval,"
you are to advise the FDIC in writing within 15 days of the date of this
e-mail that this action been taken.  This assurance is to be directed to me
in a responsive email, to fax number 202-898-3658 or to FDIC, 550 17th
Street, N.W., Washington, DC  20036, USA.

Thank you for your cooperation regarding this matter.  If you have any
questions, please do not hesitate to contact me at 202-898-7424.  

Sincerely,

Richard M. Schwartz

Counsel

Legal Division

 

-----Original Message-----
From: Irony [mailto:irony@trini.org] 
Sent: Monday, August 09, 2004 1:33 PM
To: 'atlantis 1'; security-management@securityfocus.com
Subject: RE: Risk Assessment Modelling

 

Encierro Solutions specializes in Operations Risk Management Software

solutions for banks and credit unions.

 

The Matador system enables banks to comply with the latest Information

Security Risk Assessment guidelines. The Matador software contains

pre-written risk management scripts with which consultants can help banks

assess and mitigate risks in the quickest, most cost-effective manner. The

system addresses all Information Security areas, including IT, facilities,

third party service providers, and physical records. The system has received

the approval of both OCC and FDIC. 

 

In addition to enabling banks to comply with the Information Security Risk

Assessment guidelines, the Matador system assists in the implementation of

an overall Information Security Risk Management program that is integrated

into a bank's operations. Utilizing the software, banks can assign personnel

to various risk management activities,  prepare a variety of risk management

reports, and view historical data. This system enables banks to view their

risk situation at any given point in time. The Matador system provides

assurance to Senior Management and the Board that a safe and sound risk

management practice is operational in the bank, protecting the best interest

of the bank and its customers.

 

There are also modules to assist banks and credit unions in the task of

Vendor/Third Party Risk Management and Business Continuity Planning.  

 

Brief PowerPoint presentation -

http://www.encierro.biz/infosecurity/first.ppt

 

Sample Screens -

http://www.encierro.biz/screens/screens.htm

 

Sample Reports -

http://www.encierro.biz/reports/reports.htm

 

Other information -

http://www.encierro.biz/infosecurity/matadorannounce.doc

http://www.encierro.biz/infosecurity/formalapproach.doc

http://www.encierro.biz/infosecurity/matadordescription.doc

 

Corporate Web Site -

http://www.encierro.biz/

 

-----Original Message-----

From: atlantis 1 [mailto:atlantis1@fastmail.fm] 

Sent: Monday, August 09, 2004 8:28 AM

To: security-management@securityfocus.com

Subject: Risk Assessment Modelling

 

 

 

Hi,

 

I am currently working on a Risk Assessment Model as part of my

organisation's initiative to prepare for a BS7799 Certification.

 

I have gone through NIST 800-30 and OCTAVE and am accordingly developing an

excel based quasi quantitative model which takes into account threats,

impact, probabilities of occurence in analysing risk.

 

I would like to know whether there are any standard software that can help

me in doing a risk assessment exercise. I have heard about CRAMM, but have

not had an opportunity to use/evaluate it. Any inputs on any good software

applications in the field of Risk Assessment would be much appreciated.

 

Thanks in advance for your help.

 

Regards.

Andrew
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • FW: Risk Assessment Modeling, Schwartz, Richard M. <=
Previous by Date:  Re: Risk Assessment Modelling, atlantis 1
Next by Date:  RE: Create management interest?, Cronican, John
Previous by Thread:  Risk Management software., Jesper R
Next by Thread:  Education ?, Nicholas
Indexes:  [Date] [Thread] [Top] [All Lists]