cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
dougjaworski
Newcomer I

Cyber Risk Library

I am working on an exercise with an internal group to develop a library of common cyber related risk and mapping those risk to secuirty controls. Does anyone have any recomendations, or developed a good approach to documenting common risks (not to be confused with threats)?

 

Much Appreciated,

Doug

11 Replies
rslade
Influencer II

> CISOScott (Contributor III) posted a new reply in Tech Talk on 07-31-2018 10:08

> I found this at auditscripts.com. It is a mapping of all of the different
> frameworks.
[...]
> It maps the critical
> controls to 43 of the most popular frameworks.

Impressive, but, unfortunately, hardly comprehensive.

That's the great thing about computer standards--there are so many of them. (I
think that was Tannenbaum, riginally ...)

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
Better to be occasionally cheated than perpetually suspicious.
- B. C. Forbes
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
jkavita
Viewer

Hi, I am working on something similar. Could you share the risk library? It would really help me. TIA.