NEW RELEASE! - New system risk management tracking and analysis tool. First in a series of free tools and documents for security professionals.
The Excel tool is used to analyze and track risks to IT systems. This tool is designed to handle up to 100 systems and some areas can be modified. There is a dashboard in the third sheet that displays averages and trends for all systems entered on sheet 2. Cell colors and values are automatically calculated in several fields. The following areas are tracked in this tool:
| Field | Description |
| --- | --- |
| System Name, Service, or ID | Name of the project, system, or service being evaluated. |
| Risk Category | Category for the risk danger. |
| Risk root cause and related factors | Reasons and key elements why the risk (event) exists. |
| Risk event | Description of the risk (i.e. uncertain event that may or may not happen). |
| Consequence | Something that follows when the risk event materializes (i.e. what would it mean in practice if the risk materialized). |
| Initial Estimated Impact | Estimation of the impact if risk materialized. 1 = Insignificant, 2 = Some impact, 3 = Meaningful impact, 4 = Significant impact, 5 = Major impact. |
| Initial Estimated Probability | Estimation of the likelihood of the risk materializing [1 (low) - 3 (high)]. |
| Initial Risk Magnitude | Automatic calculation: probability [1-3] x impact [1-5], resulting in HIGH-MEDIUM-LOW magnitude indication. |
| Current Estimated Impact | Estimation of the impact if risk materialized. 1 = Insignificant, 2 = Some impact, 3 = Meaningful impact, 4 = Significant impact, 5 = Major impact. |
| Current Estimated Probability | Estimation of the likelihood of the risk materializing [1 (low) - 3 (high)]. |
| Current Risk Magnitude | Automatic calculation: probability [1-3] x impact [1-5], resulting in HIGH-MEDIUM-LOW magnitude indication. |
| Monetary Estimated Impact | Estimation of money lost if risk materialized. |
| Risk Owner | The eventual owner of the risk, often the same as the business owner. |
| Control Strategy | The main strategy to control the risk. [Pull-down list; set on this sheet] |
| Expected actions | Feasible controlling and monitoring actions to be taken aiming at optimum result(s). |
| Action owner | The name of the person(s) responsible for implementing the agreed action(s). |
| Schedule | The schedule for the actions (sometimes can be "continuous"). |
| Current status | Follow-up of the agreed actions. |
| Date Updated | Date the risk information was last updated. |