Blog Stats
- 75,522 hits
Daily Archives: March 24, 2014
iRisk
iRisk, or the iRisk equation is another quantitative analysis formula. Like most quantitative analysis models, you solve for the risk by calculating the threat and vulnerability, and lower the risk when mitigating or compensating controls are added. Here is where … Continue reading
Posted in Security Blog
Tagged 2014, fair, irisk, ISO 27001, ISO 27005, NIST 800-39, NIST 800-53, octave, quantitative, risk analysis
Comments Off on iRisk
BCJs in an SSAE-16
I looked everywhere for this acronym that I found while processing a Type II SSAE-16. I guessed pretty close, but since someone helped me find it, you may have to google it one day and hopefully you will find that: … Continue reading