O'Reilly logo

Security Risk Assessment by John M. White

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 5

Information Gathering

Abstract

An important step in conducting a security risk assessment is gathering the important files, statistics, reports, policies, and other information needed to properly evaluate a security program and operations. There are many resources available to a security practitioner regarding best practices and industry standards, and we have listed many of them in this chapter. These information sources will give you the foundation material of an existing security program and will be used to measure the program’s effectiveness. We will walk you through the process and identify numerous possible sources of information, both within your organization and from outside entities and third parties and give you examples of how ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required