INTRODUCTION
Frequently Asked Questions
Conclusion
RISK MANAGEMENT
Overview
Risk Management as Part of the Business Process
Employee Roles and Responsibilities
Information Security Life Cycle
Risk Analysis Process
Risk Assessment
Cost-Benefit Analysis
Risk Mitigation
Final Thoughts
RISK ASSESSMENT PROCESS
Introduction
Risk Assessment Process
Information Is an Asset
Risk Assessment Methodology
Final Thoughts
QUANTITATIVE VERSUS QUALITATIVE RISK ASSESSMENT
Introduction
Quantitative and Qualitative Pros and Cons
Qualitative Risk Assessment Basics
Qualitative Risk Assessment Using Tables
The 30-Minute Risk Assessment
Conclusion
OTHER FORMS OF QUALITATIVE RISK ASSESSMENT
Introduction
Hazard Impact Analysis
Questionnaires
Single Time Loss Algorithm
Conclusion
FACILITATED RISK ANALYSIS AND ASSESSMENT PROCESS (FRAAP)
Introduction
FRAAP Overview
Why The FRAAP Was Created
Introducing the FRAAP to Your Organization
Conclusion
VARIATIONS ON THE FRAAP
Overview
Infrastructure FRAAP
Conclusion
MAPPING CONTROLS
Controls Overview
Creating Your Controls List
Control List Examples
BUSINESS IMPACT ANALYSIS (BIA)
Overview
Creating a BIA Process
CONCLUSION
Appendix A: Sample Risk Assessment Management Summary Report
Appendix B: Terms and Definitions
Appendix C: Bibliography
Biography
Thomas R. Peltier
