IT Security Risk Assessment A Complete Guide - 2020 Edition. Gerardus Blokdyk
the answer to this question is clearly defined’.
There are two ways in which you can choose to interpret this statement:
1. How aware are you that the answer to the question is clearly defined?
2. For more in-depth analysis you can choose to gather evidence and confirm the answer to the question. This obviously will take more time; most Self-Assessment users opt for the first way to interpret the question and dig deeper later on based on the outcome of the overall Self-Assessment.
A score of ‘1’ would mean that the answer is not clear at all, whereas a ‘5’ would mean the answer is crystal clear and defined. Leave empty when the question is not applicable or you don’t want to answer it; you can skip it without affecting your score. Write your score in the space provided.
After you have responded to all the appropriate statements in each section, compute your average score for that section, using the formula provided, and round to the nearest tenth. Then transfer to the corresponding spoke in the IT Security Risk Assessment Scorecard on the second next page of the Self-Assessment.
Your completed IT Security Risk Assessment Scorecard will give you a clear presentation of which IT Security Risk Assessment areas need attention.
IT Security Risk Assessment
Scorecard Example
Example of what the finalized Scorecard can look like:
IT Security Risk Assessment
Scorecard
Your Scores:
BEGINNING OF THE
SELF-ASSESSMENT:
Table of Contents
About The Art of Service
Included Resources - how to access
Purpose of this Self-Assessment
How to use the Self-Assessment
IT Security Risk Assessment Scorecard Example
IT Security Risk Assessment Scorecard
BEGINNING OF THE SELF-ASSESSMENT
CRITERION #1: RECOGNIZE
CRITERION #2: DEFINE
CRITERION #3: MEASURE
CRITERION #4: ANALYZE
CRITERION #5: IMPROVE
CRITERION #6: CONTROL
CRITERION #7: SUSTAIN
IT Security Risk Assessment and Managing Projects, Criteria for Project Managers
1.0 Initiating Process Group: IT Security Risk Assessment
1.1 Project Charter: IT Security Risk Assessment
1.2 Stakeholder Register: IT Security Risk Assessment
1.3 Stakeholder Analysis Matrix: IT Security Risk Assessment
2.0 Planning Process Group: IT Security Risk Assessment
2.1 Project Management Plan: IT Security Risk Assessment
2.2 Scope Management Plan: IT Security Risk Assessment
2.3 Requirements Management Plan: IT Security Risk Assessment
2.4 Requirements Documentation: IT Security Risk Assessment
2.5 Requirements Traceability Matrix: IT Security Risk Assessment
2.6 Project Scope Statement: IT Security Risk Assessment
2.7 Assumption and Constraint Log: IT Security Risk Assessment
2.8 Work Breakdown Structure: IT Security Risk Assessment
2.9 WBS Dictionary: IT Security Risk Assessment
2.10 Schedule Management Plan: IT Security Risk Assessment
2.11 Activity List: IT Security Risk Assessment
2.12 Activity Attributes: IT Security Risk Assessment
2.13 Milestone List: IT Security Risk Assessment
2.14 Network Diagram: IT Security Risk Assessment
2.15 Activity Resource Requirements: IT Security Risk Assessment
2.16 Resource Breakdown Structure: IT Security Risk Assessment
2.17 Activity Duration Estimates: IT Security Risk Assessment
2.18 Duration Estimating Worksheet: IT Security Risk Assessment
2.19 Project Schedule: IT Security Risk Assessment
2.20 Cost Management Plan: IT Security Risk Assessment
2.21 Activity Cost Estimates: IT Security Risk Assessment
2.22 Cost Estimating Worksheet: IT Security Risk Assessment
2.23 Cost Baseline: IT Security Risk Assessment
2.24 Quality Management Plan: IT Security Risk Assessment
2.25 Quality Metrics: IT Security Risk Assessment
2.26 Process Improvement Plan: IT Security Risk Assessment
2.27 Responsibility Assignment Matrix: IT Security Risk Assessment
2.28 Roles and Responsibilities: IT Security Risk Assessment
2.29 Human Resource Management Plan: IT Security Risk Assessment
2.30 Communications Management Plan: IT Security Risk Assessment
2.31 Risk Management Plan: IT Security Risk Assessment
2.32 Risk Register: IT Security Risk Assessment
2.33 Probability and Impact Assessment: IT Security Risk Assessment
2.34 Probability and Impact Matrix: IT Security Risk Assessment
2.35 Risk Data Sheet: IT Security Risk Assessment
2.36