APPENDIX E METHODOLOGIES, GUIDELINES AND TOOLS
The Collins English Dictionary defines a methodology as a way of proceeding or doing something, especially a systematic or regular one.
The discipline of risk management has its fair share of methodologies, some of which we describe here.
METHODOLOGIES
CORAS
CORAS is an open-source risk management tool, available from SourceForge, that does not include the additional scope found in SABSA (see Appendix E, SABSA). It consists of eight discrete steps, which follow the generic risk management principles.
- Step 1 is the initial preparation for a risk analysis. The main objective is to understand what the target is and what the size of the analysis will be.
- Step 2 establishes the overall goals of the analysis and ...