Hi Steven,
You may want to check this out for risk assessment for illegal or
inappropriate content - compliance to Computer Usage Policy
http://pixalert.com/demo/
Jack Mangan
PixAlert Inc.
3 Littleton Rd.
Westford, MA 01886
Tel: 978-692-9897
Fax: 978-392-1901
Mobile: 339-222-0627
www.pixalert.com
Protection from Illicit Image Abuse
-----Original Message-----
From: Salaets, Steven [mailto:Steven.Salaets@windriver.com]
Sent: Wednesday, June 08, 2005 2:34 PM
To: Rafael de Dios; Jeff Bardin; lightningstorm53@yahoo.com;
altb@educationcentral.org; security-management@securityfocus.com
Subject: RE: Risk Assessment Standards
Hi all,
I am currently in the process of doing a first risk assessment for my
company, I've done a lot of research for the past few weeks and last
week I've started on my risk assessment and I think it starts to look
pretty good. However I've never seen another risk assessment in my life,
only company / government guidelines based on the known standards. I
googled around to find some but couldn't find anything satisfying.
Anyone that knows about a few completed risk assessment or knows about
some nice templates that are available?
Regards,
Steven
-----Original Message-----
From: Rafael de Dios [mailto:rdi@nl.intrum.com]
Sent: Sunday, June 05, 2005 11:56 PM
To: Jeff Bardin; lightningstorm53@yahoo.com; altb@educationcentral.org;
security-management@securityfocus.com
Subject: RE: Risk Assessment Standards
Hi all
I have seen this discussion today and I have a question for all of you:
What are the differences between CRAMM and OCTAVE? Is there any?
Regards,
Rafael de Dios
Security Analyst
Disclaimer
This message (including any attachments) is confidential and may be
privileged. If you have received it by mistake please notify the sender
by return e-mail and delete this message from your system. Any
unauthorised use or dissemination of this message in whole or in part is
strictly prohibited.
-----Original Message-----
From: Jeff Bardin [mailto:jsbardin@hotmail.com]
Sent: Saturday, June 04, 2005 12:36 PM
To: lightningstorm53@yahoo.com; altb@educationcentral.org;
security-management@securityfocus.com
Subject: Re: Risk Assessment Standards
OCTAVE follows ISO17799. Very detail oriented but will get the job done
if
you have the stamina to stay with it. I was licensed to both teach and
deliver OCTAVE at one point but the $6k per year renewal fee didn't seem
worth the support I received (or did not receive) from CMU.
Cobra is a tool based on ISO17799. Riskwatch is another tool that has
mutiple modules but is very detailed as well.
Regards,
Jeff
From: Chris Raymond <lightningstorm53@yahoo.com>
To: "Alt, Brandon C."
<altb@educationcentral.org>,security-management@securityfocus.com
Subject: Re: Risk Assessment Standards
Date: Wed, 1 Jun 2005 20:04:32 -0700 (PDT)
IAM (InfoSec Assessment Methodology) This one has a
good methogology, but has a limited depth in the
assessment area. It is a good assessment
methogodology overall.
I've heard down side to Octave, but nothing about
cobra.
Chris Raymond
Master of Information Assurance and Computer Security
student
--- "Alt, Brandon C." <altb@educationcentral.org>
wrote:
I'm looking to find what standards are available for
performing a
security risk assessment. What's out there? I know
of Cobra and Octave,
but have never used them. Does anyone have any
experience with these
two? What other standards do other follow?
Thanks.
Brandon Alt
Information Security Manager
Technology Division
Duval County Public Schools
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
