Common Risk-Assessment Methodologies and Templates

Many risk-assessment methodologies and templates can be used. Realize that every methodology and approach has it pros and cons. What is most important is learning how to conduct your own risk assessment using elements from each methodology or making the risk-assessment approach fit the organization’s environment. This section will present some of the more popular risk-assessment methodologies, such as

  • ISO 17799— An international standard for conducting a self-assessment and self-certification as per the best practices in information security. ISO17799 evolved from the original BS7799 standard developed out of the United Kingdom.

  • OSSTMM— The Open Source Security Testing Methodology Manual assists ...

Get Inside Network Security Assessment: Guarding Your IT Infrastructure now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.