Re: BS7799 and Risk Analysis

From: Andy Cuff (
Date: 03/30/04

  • Next message: Cesar Osorio: "RE: Wireless access"
    To: "Net Solvers" <>, <>, <>, <>
    Date: Tue, 30 Mar 2004 22:05:10 +0100

     I haven't seen any reply to this on the lists I regularly watch and whilst
    I can't give you a definitive answer could point you to some training I fell
    across today. I was looking for a weeks training that would set me in good
    stead for the future and was debating between CISSP and BS7799 and yes I
    know they are a World apart.

    I've pretty much settled for CISSP but thought the BS7799 Lead Auditor
    training may be of interest to you, it's by 7safe

    Hope it helps

    Talisker Security Tools Directory
    ----- Original Message -----
    From: "Net Solvers" <>
    To: <>; <>;
    Sent: Tuesday, March 16, 2004 6:34 AM
    Subject: BS7799 and Risk Analysis

    > Hi friends,
    > I would like to get some help on Risk analysis methodology adopted for
    while doing BS7799 ISMS implementation. What risk analysis methodology do we
    need to adopt. To what depth do we need to conduct the risk analysis. When
    we do Risk Analysis for large organizations with more IT assets, spread
    across cities, then what should be the approach. Since there are many IT
    assets, time taken to conduct RA will be more. How do we reduce the
    timeframe. Is manual RA appropriate or RA using commercial tools is
    appropriate. How do you rate some commercial tools (like Cobra, Cramm,
    Callio Secura etc). Please provide some good pointers.
    > Thanks in Advance
    > Security Novice
    > Do you Yahoo!?
    > Yahoo! Mail - More reliable, more storage, less spam

    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
    any course! All of our class sizes are guaranteed to be 10 students or less
    to facilitate one-on-one interaction with one of our expert instructors.
    Attend a course taught by an expert instructor with years of in-the-field
    pen testing experience in our state of the art hacking lab. Master the skills
    of an Ethical Hacker to better assess the security of your organization.
    Visit us at:

  • Next message: Cesar Osorio: "RE: Wireless access"