|
|
|
Date Submitted:
08/25/05
Hits: 87 Rating:  based on 0 votes
A qualitative risk analysis and management tool - CRAMMAdded by Papergrl
Description:
Facing the emerging challenges of the Internet era, managers and information security professionals in business and government should manage specific risks to their organizations to ensure efficient operations. This paper explains basic components of risk analysis and management processes and mentions different methodologies and approaches. It then describes and discusses CRAMM, as an automated tool based on qualitative risk assessment methodology, by going through the stages of a CRAMM review, i.e. asset identification and valuation, threat and vulnerability assessment, and countermeasure recommendation. Raising organizational awareness CRAMM is a comprehensive and flexible tool especially for justifying prioritized countermeasures at a managerial level, needing, however, qualified and experienced practitioners for efficient results.
Read the Complete Paper You don't have permission to post replies. Please login or register. |