
Information Risk Management: A practitioner’s guide by Sutton, David


APPENDIX E METHODOLOGIES, GUIDELINES AND TOOLS

The Collins English Dictionary defines a methodology as a way of proceeding or doing something, especially a systematic or regular one.

The discipline of risk management has its fair share of methodologies, some of which we describe here.

METHODOLOGIES

CORAS

CORAS is an open-source risk management tool available from SourceForge without the additional scope included in SABSA (see Appendix E, SABSA). It consists of eight discrete steps, which follow the generic risk management principles.

  • Step 1 is the initial preparation for a risk analysis. The main objective is to understand what the target is and what the size of the analysis will be.
  • Step 2 establishes the overall goals of the analysis and ...
