Presentation is loading. Please wait.

Presentation is loading. Please wait.

Risk Assessment in NORDUnet

Published byThomasina Grant Modified over 6 years ago

Similar presentations

Presentation on theme: "Risk Assessment in NORDUnet"— Presentation transcript:

1 Risk Assessment in NORDUnet
[TLP:GREEN] Jacob Wolf

2 Why risk assessment? Treat risks that matters
Implement only necessary security Report risk correctly Assign risk responsibility Take better business decisions

3 Method As mentioned on our last meeting, I use OCTAVE Allegro.
Benefits: Easy security-business alignment Structured, quantitative and qualitative Easy reporting Disadvantages: No good tools. I had to invent my own. Workflow: Analyze what risks management priorities Describe environment Processes Critical information (data that is key to the process) Containers (technical, human, physical artifacts that handle the information) Threats Analyze each threat Threats are scored regarding impact and likelihood. Decide actions Action (transfer, modify, accept, defer, ..) Select controls for each affected container

4 I talked about my tool at our last meeting Since last meeting, I have:
Improved data structure Created a web application (easier to use) Soon, I will publish it on github

5 Example I will now show the risk tool.

6 The Future? I haven't migrated all my risk analysis to the new tool. This will follow very soon. I will be happy to share generic risk analysis that could benefit this group (as [TLP:Amber]).

Download ppt "Risk Assessment in NORDUnet"

Similar presentations

What to Provide to OMB History of the rule Problem to be addressed –Quantitative and qualitative analysis “Significant Regulatory Action” under 12866(3)(f)

What to Provide to OMB History of the rule Problem to be addressed –Quantitative and qualitative analysis “Significant Regulatory Action” under 12866(3)(f)
Project Management Gaafar 2007 / 1 This Presentation is uses information from PMBOK Guide 2000 Project Management Risk Management* Dr. Lotfi Gaafar.

Project Management Gaafar 2007 / 1 This Presentation is uses information from PMBOK Guide 2000 Project Management Risk Management* Dr. Lotfi Gaafar.
Introducing Computer and Network Security

Introducing Computer and Network Security
Project Risk Management

Project Risk Management
The Australian/New Zealand Standard on Risk Management

The Australian/New Zealand Standard on Risk Management
By: Ashwin Vignesh Madhu

By: Ashwin Vignesh Madhu
Marketing research and Marketing Planning at Tesco.

Marketing research and Marketing Planning at Tesco.
R-1 Project Risk Management. R-2  Qualitative Risk Analysis  Quantitative Risk Analysis  Risk Response Planning  Sticky note technique  Risk matrix.

R-1 Project Risk Management. R-2  Qualitative Risk Analysis  Quantitative Risk Analysis  Risk Response Planning  Sticky note technique  Risk matrix.
Visual 3. 1 Lesson 3 Risk Assessment and Risk Mitigation.

Visual 3. 1 Lesson 3 Risk Assessment and Risk Mitigation.
PRM 702 Project Risk Management Lecture #28

PRM 702 Project Risk Management Lecture #28
1 Introduction to Security Chapter 5 Risk Management: The Foundation of Private Security.

1 Introduction to Security Chapter 5 Risk Management: The Foundation of Private Security.
Introducing Computer and Network Security. Computer Security Basics What is computer security? –Answer depends on the perspective of the person you’re.

Introducing Computer and Network Security. Computer Security Basics What is computer security? –Answer depends on the perspective of the person you’re.
CAIRA is a quantitative vulnerability assessment tool for examining the physical security of energy systems (electrical, natural gas, steam and water)

CAIRA is a quantitative vulnerability assessment tool for examining the physical security of energy systems (electrical, natural gas, steam and water)
Analyze Opportunity Part 1

Analyze Opportunity Part 1
Centro de Estudos e Sistemas Avançados do Recife PMBOK - Chapter 11 Project Risk Management.

Centro de Estudos e Sistemas Avançados do Recife PMBOK - Chapter 11 Project Risk Management.
Hartley, Project Management: Integrating Strategy, Operations and Change, 3e Tilde Publishing Chapter 10 Risk Management Proactively managing the positive.

Hartley, Project Management: Integrating Strategy, Operations and Change, 3e Tilde Publishing Chapter 10 Risk Management Proactively managing the positive.
Risk Assessment and Management. Objective To enable an organisation mission accomplishment, by better securing the IT systems that store, process, or.

Risk Assessment and Management. Objective To enable an organisation mission accomplishment, by better securing the IT systems that store, process, or.
Chapter 11: Project Risk Management

Chapter 11: Project Risk Management
Risk Management in the Built Environment Qualitative and Quantitative Risk Management By Professor Simon Burtonshaw-Gunn – licensed under the Creative.

Risk Management in the Built Environment Qualitative and Quantitative Risk Management By Professor Simon Burtonshaw-Gunn – licensed under the Creative.
PMP Study Guide Chapter 6: Risk Planning. Chapter 6 Risk Planning Planning for Risks Plan Risk Management Identifying Potential Risk Analyzing Risks Using.

PMP Study Guide Chapter 6: Risk Planning. Chapter 6 Risk Planning Planning for Risks Plan Risk Management Identifying Potential Risk Analyzing Risks Using.

Similar presentations

Ads by Google