Recent Events for MainPageDiary (Blog)


Difference between revision 3 and current revision

No diff available.

Draft risk analysis

More people are killed every year by pigs than by sharks, which shows you how good we are at evaluating risk.

  To determine the potential threats against an asset and the probability that will happen
  To determine how to protect the assets and from who/what with the cost parameter in mind
  Risk is depending of the environment,
  Risk is evolving with time,
  Risk analysis/assessment can be a risk,
  Various methods, approaches exist for risk analysis/assessment. There is no silver bullet...
  Limit separation between risks assessment and implementation of measure
  Don't minize the human factor
  Don't minize legal framework without falling into it
  Involve everyone at beginning and bridging technical with non-technical people
  Don't forget that software or computer system may have a shorter time live than the risk analysis ;-)
  Use common terminology (RFC 2828 Internet Security Glossary can help you on that)

Implementation RFC 2196