This 2009 webinar marks the formal launching of a framework developed by CMU and the SEI which provides utilities with a roadmap through their smart grid transformation.
In this podcast, William Wilson explains how an information security risk assessment, performed with operational risk management, can contribute to compliance.
In this podcast, William Wilson explains how business leaders can use international standards to create a business- and risk-based information security program.
In this 2007 report, the authors explore the transformation of security and business continuity into processes to support and sustain operational resiliency.
In this 2007 report, the authors highlight the design considerations and requirements for OCTAVE Allegro based on field experience.
In this 2004 report, the authors itemize characteristics of common approaches to security that limit effectiveness and success.
In this report, the authors describe the critical success factor method and present theories and experience in applying it to enterprise security management.
In this presentation, the authors describe a practical framework for enterprise-wide security management as developed by the CERT Division.
In this presentation, the authors describe the challenges in assuring security, roadblocks that security approaches face, and how to solve these problems.
In this presentation, the authors discuss critical success factors and their use in security management, and provide development and analysis examples.
The Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) is a framework for identifying and managing information security risks.
This 1999 report is one of a series of SEI publications that are intended to provide practical guidance to help organizations improve the security of their networked computer systems. This report is intended for system and network administrators, managers of information systems, and security personnel responsible for networked information resources.