Re: BS7799 and Risk Analysis

From: Andy Cuff (lists_at_securitywizardry.com)
Date: 03/30/04

  • Next message: Cesar Osorio: "RE: Wireless access"
    To: "Net Solvers" <net_solvers@yahoo.com>, <firewalls@securityfocus.com>, <security-basics@securityfocus.com>, <security-management@securityfocus.com>
    Date: Tue, 30 Mar 2004 22:05:10 +0100
    
    

    Hi
     I haven't seen any reply to this on the lists I regularly watch and whilst
    I can't give you a definitive answer could point you to some training I fell
    across today. I was looking for a weeks training that would set me in good
    stead for the future and was debating between CISSP and BS7799 and yes I
    know they are a World apart.

    I've pretty much settled for CISSP but thought the BS7799 Lead Auditor
    training may be of interest to you, it's by 7safe
    http://www.7safe.com/bs7799-lead-auditor.htm

    Hope it helps
    -andy

    Talisker Security Tools Directory
    http://www.securitywizardry.com
    ----- Original Message -----
    From: "Net Solvers" <net_solvers@yahoo.com>
    To: <firewalls@securityfocus.com>; <security-basics@securityfocus.com>;
    <security-management@securityfocus.com>
    Sent: Tuesday, March 16, 2004 6:34 AM
    Subject: BS7799 and Risk Analysis

    > Hi friends,
    > I would like to get some help on Risk analysis methodology adopted for
    while doing BS7799 ISMS implementation. What risk analysis methodology do we
    need to adopt. To what depth do we need to conduct the risk analysis. When
    we do Risk Analysis for large organizations with more IT assets, spread
    across cities, then what should be the approach. Since there are many IT
    assets, time taken to conduct RA will be more. How do we reduce the
    timeframe. Is manual RA appropriate or RA using commercial tools is
    appropriate. How do you rate some commercial tools (like Cobra, Cramm,
    Callio Secura etc). Please provide some good pointers.
    >
    > Thanks in Advance
    > Security Novice
    >
    >
    > Do you Yahoo!?
    > Yahoo! Mail - More reliable, more storage, less spam

    ---------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
    any course! All of our class sizes are guaranteed to be 10 students or less
    to facilitate one-on-one interaction with one of our expert instructors.
    Attend a course taught by an expert instructor with years of in-the-field
    pen testing experience in our state of the art hacking lab. Master the skills
    of an Ethical Hacker to better assess the security of your organization.
    Visit us at:
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    ----------------------------------------------------------------------------


  • Next message: Cesar Osorio: "RE: Wireless access"

    Relevant Pages

    • Re: Risk Analysis and Common Criteria
      ... Risk Analysis is a complete process and I tell you about what to read or do ... how you could proceed to create, manage the security in your enterprise.. ... I'm concerned I've not really worked with the Common Criteria but I've spend ... world's premier event for IT and network security experts. ...
      (Security-Basics)
    • REVIEW: "Information Security Risk Analysis", Thomas R. Peltier
      ... "Information Security Risk Analysis", Thomas R. Peltier, 2001, ... %T "Information Security Risk Analysis" ... Review mailing list: send mail to techbooks-subscribe@egroups.com ...
      (alt.computer.security)
    • Re: Re: Risk Analysis and Common Criteria
      ... I did a Master In Information Security at the E.N.S.I.B. ... Did you do a "little" Risk Analysis on one ...
      (Security-Basics)
    • REVIEW: "Information Security Risk Analysis", Thomas R. Peltier
      ... "Information Security Risk Analysis", Thomas R. Peltier, 2001, ... %T "Information Security Risk Analysis" ... Review mailing list: send mail to techbooks-subscribe@egroups.com ...
      (comp.security.misc)
    • Re: BS7799 and Risk Analysis
      ... Continuity syllabus to get a better handle on how risk analysis, ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)