Home > Security Channel FAQs > Security site assessment services > Security site assessment FAQ: Questions for the consultant > Additional resources > How to perform security risk management
FAQs: Security site assessment services:
EMAIL THIS
 START   SECURITY SITE ASSESSMENT PODCAST   SECURITY SITE ASSESSMENT: QUESTIONS FOR THE CLIENT   SECURITY SITE ASSESSMENT: CONSULTANT QUESTIONS   
Security site assessment FAQ: Questions for the consultant


Additional resources
<< PREVIOUS | NEXT >>: Threat matrix and risk analysis resources
 TIPS & NEWSLETTERS TOPICS 

CHAPTER DOWNLOADS

How to perform security risk management


Susan Snedaker
08.30.2007
Rating: --- (out of 5)


Security Channel Update
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


Security risk management is one of the most important services that VARs and consultants can provide for clients. Developing an effective risk management strategy and risk analysis process can make the difference between a client that overcomes an IT security breach and one that is overcome by it. Discover how to use risk management metrics to assess IT security risks and help your clients plan accordingly.

As you're thinking about your company and its critical functions, which we'll review following this section, you should keep a rating scale in mind. Later, after you've compiled your list, you can assign a "criticality rating" to each business function. It's important to have an idea of your rating system in mind before you review your business functions so you can spend the appropriate amount of time and energy on mission-critical functions and less time on minor functions. For example, when you sit down with the finance group, you want to keep them focused on defining the mission-critical business functions while listing all business functions that would be needed for business continuation.


Understanding security risk management

  How to perform security risk management
  Criticality categories
  Recovery time requirements

Business Continuity and Disaster Recovery Planning for IT Professionals
Reprinted from Chapter four of Business Continuity and Disaster Recovery Planning for IT Professionals by Susan Snedaker. Printed with permission from Syngress, a division of Elsevier. Copyright 2007. For more information about this title, please visit www.syngress.com.

Rate this Tip
To rate tips, you must be a member of SearchSecurityChannel.com.
Register now to start rating these tips. Log in if you are already a member.




Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


<< PREVIOUS | NEXT >>: Threat matrix and risk analysis resources
VIEW ALL IN THIS CATEGORY


RELATED CONTENT
Chapter Downloads
Book Chapter: Web hacking
Testing the firewall - Introduction
Check Point NGX R65 operational changes
Common injection attacks
Top security book excerpts of 2007
Google Hacking: Ten security searches that work
Virtual honeypots: Tracking botnets
Tracking botnets
Defending against bots
Botnets summary

Business risk assessment and risk analysis
Loss leaders: Security products and services to get a foot in the door
Getting to know the NERC CIP standards
The intersection of security and disaster recovery
Remote vulnerability scanning: Process, roles and responsibilities
How to perform a network security audit for customers
Creating your checklist and Summary
How to generate revenue from unified threat management
Unified threat management: Migration and management techniques
Unified threat management: An intro for solution providers
Podcast with Dr. Paul Rohmeyer on choosing a remote management platform

Additional resources
Why is it important to use security metrics with my clients?
Threat matrix and risk analysis resources

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

HomeNewsTopicsITKnowledge ExchangeTipsMultimediaWhite PapersBlogsEvents
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2006 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts