Here's a link to a known working risk analysis method. As written, it's oriented towards universities, but it will work just fine for any IT organization. It's actually pretty simple - first you make a list, ranked highest to lowest, of all your machines, based on "how screwed would we be if this machine had issues" (not just hacked - crashed, lost in a disaster, etc). Then make another list, this time sorted by the amount and scale of risks the machine faces. If any machine is towards the top of both lists, you have a problem.
That's basically it, in a nutshell. And yes, a *lot* of organizations are using it now.
2006-08-02 20:42:20
·
answer #1
·
answered by Valdis K 6
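The two-list comparison described in the answer above, as an added example that is not part of the original answer or of the linked method. The machine names, the 1-10 scores, and the "top third" cutoff for "towards the top" are assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Machine:
    name: str
    impact: int    # assumed 1-10: how badly we are hurt if this machine has issues
    exposure: int  # assumed 1-10: amount and scale of risks the machine faces


def ranked(machines, attr):
    """Names ordered highest to lowest on one attribute; ties broken by name."""
    ordered = sorted(machines, key=lambda m: (-getattr(m, attr), m.name))
    return [m.name for m in ordered]


def problem_machines(machines, top_n=None):
    """Build both ranked lists and return the machines near the top of both.

    top_n is how many entries count as "towards the top" of each list.
    The default (top third, rounded up) is an assumption, not a rule
    from the answer.
    """
    impact_list = ranked(machines, "impact")
    exposure_list = ranked(machines, "exposure")
    if top_n is None:
        top_n = max(1, (len(machines) + 2) // 3)
    top_exposure = set(exposure_list[:top_n])
    flagged = [n for n in impact_list[:top_n] if n in top_exposure]
    # Worst first: smallest combined position across the two lists.
    flagged.sort(key=lambda n: impact_list.index(n) + exposure_list.index(n))
    return impact_list, exposure_list, flagged


# Constructed sample inventory (hypothetical hosts and scores).
INVENTORY = [
    Machine("payroll-db", 10, 8),
    Machine("student-records", 9, 9),
    Machine("backup-host", 8, 3),
    Machine("mail-relay", 7, 6),
    Machine("dept-fileserver", 6, 4),
    Machine("public-web", 5, 10),
    Machine("print-server", 3, 2),
    Machine("lab-workstation", 2, 7),
    Machine("test-vm", 1, 3),
]

if __name__ == "__main__":
    by_impact, by_exposure, flagged = problem_machines(INVENTORY)
    print("By impact:  ", by_impact)
    print("By exposure:", by_exposure)
    print("Problem machines:", flagged)
```

Note that a high-exposure but low-impact host (the public web server here) and a high-impact but low-exposure host (the backup host) are both left off the result; only the overlap is flagged.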
Try estimating asset evaluation, detection, and incident handling guidelines.
Make it unprofitable to mess with the system and it will remain relatively secure.
2006-08-03 02:19:43
·
answer #2
·
answered by ★Greed★ 7