Methodology for assessing the security risks associated with computer sites and networks. Part 1: development of a formal questionnaire for collecting security information
Technical Report
·
OSTI ID:5221527
A new methodology has been developed for the assessment of security risks associated with the operation of computer complexes. It is designed to assist computer security managers and their risk assessment teams in obtaining an overall risk figure for their computer site or network. This report emphasizes the determination of harms to computation assets due to various natural and human threats. Natural threats include earthquakes, floods, fires, and other disasters. Human threats include intentional harms such as asset theft or data modification, and unintentional harms such as errors and omissions. A group of individuals assisting each other in reaching a collective goal is also discussed. In addition to asset damages, the effects of damaging the countermeasures protecting the assets, or the supports which allow the operation of the assets, can be determined. The effects of damage to countermeasures which protect other countermeasures or supports can be analyzed also.
- Research Organization:
- Lawrence Livermore National Lab., CA (USA)
- DOE Contract Number:
- W-7405-ENG-48
- OSTI ID:
- 5221527
- Report Number(s):
- UCRL-53292-Pt.1; ON: DE82019806
- Country of Publication:
- United States
- Language:
- English
Similar Records
Framework for generating expert systems to perform computer security risk analysis
Computer Security Risk Assessment
Security Self-Assessment Toolkit for Nuclear Materials Facilities: Focus on Insider Threat Mitigation
Conference
·
Mon Dec 31 23:00:00 EST 1984
·
OSTI ID:5659940
Computer Security Risk Assessment
Software
·
Mon Feb 10 19:00:00 EST 1992
·
OSTI ID:code-12076
Security Self-Assessment Toolkit for Nuclear Materials Facilities: Focus on Insider Threat Mitigation
Technical Report
·
Thu Dec 30 23:00:00 EST 2021
·
OSTI ID:2278665