| TheTAZZone.com |
| TheTAZZone.com website is the Information Arm of the TAZ Zones. . |
| TAZForum |
| TAZForum is a Community run by a Membership Committee of Administrators/Mods/ and regular members. A very relaxed atmosphere, feel free to lounge, relax, and enjoy yourself. |
| TheTAZZone.net |
| A full links page, and the latest posts. |
| The Security Zone |
| The newest installation to TheTAZZone is a no-nonsense forum for security enthusiasts and professionals. |
| TheTAZZone.org |
| Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Duis ligula lorem, consequat eget, tristique nec, auctor quis, purus. Vivamus ut sem. Fusce aliquam nunc vitae purus. |
| The Sports Emporium |
| Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Duis ligula lorem, consequat eget, tristique nec, auctor quis, purus. Vivamus ut sem. Fusce aliquam nunc vitae purus. |
|
| identifying the assets and their values |
| Monday, December 04, 2006 |
Hi
Apart from identifying the assets and their values,
the starting point for such a risk assessment is
what we call the threat agent: hurricanes, floods, fire,
virus, intruder, ..., (spammer, employee, ...)
Then, vulnerabilities for each threat agent are defined,
like thatched roof, lack of antivirus software, lack of entry-control, ...
As a result, you may define threats, like uncontrollable fire,
virus infection, stolen devices or 'secrets', ...
Then you continue with probabilities, impacts, countermeasures, ...
as you know it.
One source of confusion I have seen is the "difference"
between threat agents and threats. Often, these are
used as synonyms, which leads to confusion. At least from a
computer security perspective, a threat agents exploits a
vulnerability to realise a threat.
Good luck 
Cheers
by sec_ware
TAZ Forum :: A Computer, Gaming, and Social Network Community of Friends :: View topic - identifying the assets and their values |
posted by Security News Media @ 3:15 PM  |
|
|
|
|
|
