Home page logo
/

basics logo Security Basics mailing list archives

Re: BS7799 and Risk Analysis
From: "Andy Cuff" <lists () securitywizardry com>
Date: Tue, 30 Mar 2004 22:05:10 +0100

Hi
 I haven't seen any reply to this on the lists I regularly watch and whilst
I can't give you a definitive answer could point you to some training I fell
across today.  I was looking for a weeks training that would set me in good
stead for the future and was debating between CISSP and BS7799 and yes I
know they are a World apart.

I've pretty much settled for CISSP but thought the BS7799 Lead Auditor
training may be of interest to you, it's by 7safe
http://www.7safe.com/bs7799-lead-auditor.htm

Hope it helps
-andy

Talisker Security Tools Directory
http://www.securitywizardry.com
----- Original Message ----- 
From: "Net Solvers" <net_solvers () yahoo com>
To: <firewalls () securityfocus com>; <security-basics () securityfocus com>;
<security-management () securityfocus com>
Sent: Tuesday, March 16, 2004 6:34 AM
Subject: BS7799 and Risk Analysis


Hi friends,
    I would like to get some help on Risk analysis methodology adopted for
while doing BS7799 ISMS implementation. What risk analysis methodology do we
need to adopt. To what depth do we need to conduct the risk analysis.  When
we do Risk Analysis for large organizations with more IT assets, spread
across cities, then what should be the approach. Since there are many IT
assets, time taken to conduct RA will be more. How do we reduce the
timeframe. Is manual RA appropriate or RA using commercial tools is
appropriate. How do you rate some commercial tools (like Cobra, Cramm,
Callio Secura etc). Please provide some good pointers.

Thanks in Advance
Security Novice


Do you Yahoo!?
Yahoo! Mail - More reliable, more storage, less spam


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]