Critical Systems and Information Forms

Having an inventory of existing equipment and being able to track the organization's documents is just part of the task. If the organization has not provided you with information on critical information and systems, you will have to work with them to determine these items. The Organization Information Criticality Matrix (OICM) is shown in Table B.3 and the Systems Criticality Matrix is shown in Table B.4.

Table B.3. Organization Information Criticality Matrix (OICM)

OICM

Confidentiality

Availability

Integrity

High Watermark

     

Table B.4. Systems Criticality Matrix (SCM)

SCM

Confidentiality

Availability

Integrity

High Watermark

     


Introduction to Assessing Network Vulnerabilities

Foundations and Principles of Security

Why Risk Assessment

Risk-Assessment Methodologies

Scoping the Project

Understanding the Attacker

Performing the Assessment

Tools Used for Assessments and Evaluations

Preparing the Final Report

Post-Assessment Activities

Appendix A. Security Assessment Resources

Appendix B. Security Assessment Forms

Appendix C. Security Assessment Sample Report

Appendix D. Dealing with Consultants and Outside Vendors

Appendix E. SIRT Team Report Format Template



Inside Network Security Assessment. Guarding your IT Infrastructure
Inside Network Security Assessment: Guarding Your IT Infrastructure
ISBN: 0672328097
EAN: 2147483647
Year: 2003
Pages: 138

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net