Inside the Security Mind: Making the Tough Decisions

Relational Security Assessment Model: Controls

The second part of the Relational Security Risk Assessment delves into the degree to which we want to protect objects. For each object, we need to define a minimum level of protection based on risk level. Objects that are of greater risk will most likely have higher control requirements than objects with no security risk.

Now expanded, the basic components of the Relational Security Risk Assessment are:

Risk levels (already discussed)
Risk factors (already discussed)
Controls
Control levels
Risk control policies

Controls

There are various types of controls an organization may standardize on and different types of objects have different types of controls. Servers and routers, for example, provide logging ...

Get Inside the Security Mind: Making the Tough Decisions now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Inside the Security Mind: Making the Tough Decisions by Kevin Day

Relational Security Assessment Model: Controls

Controls

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly