Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type


Publication Date

Showing 1 - 10 of 49 results for the Risk Assessment

Podcast | March 2014 - Podcast Comparing IT Risk Assessment and Analysis Methods By Ben Tomhave, Erik Heidt, Julia H. Allen

In this podcast, the presenters discuss IT risk assessment and analysis, and comparison factors for selecting methods that are a good fit for your organization.

Podcast | November 2007 - Podcast The Path from Information Security Risk Assessment to ... By William R. Wilson, Julia H. Allen

In this podcast, William Wilson explains how an information security risk assessment, performed with operational risk management, can contribute to compliance.

Podcast | September 2008 - Podcast Security Risk Assessment Using OCTAVE Allegro By Lisa R. Young, Julia H. Allen

In this podcast, Lisa Young describes OCTAVE Allegro, a streamlined assessment method that focuses on risks to information used by critical business services.

Brochure | November 2015 - Brochure Insider Threat Vulnerability Assessment

This brochure describes the Insider Threat Vulnerability Assessment and benefits of conducting one on your organization.

Technical Note | October 2016 - Technical Note A Mapping of the Federal Financial Institutions Examination ... By Jeffrey L. Pinckard, Michael Rattigan, Robert A. Vrtis

To help financial organizations assess cyber resilience, we map FFIEC Cybersecurity Assessment Tool (CAT) statements to Cyber Resilience Review (CRR) questions.

Technical Report | May 2007 - Technical Report Introducing OCTAVE Allegro: Improving the Information ... By Richard A. Caralli, James F. Stevens, Lisa R. Young, William R. Wilson

In this 2007 report, the authors highlight the design considerations and requirements for OCTAVE Allegro based on field experience.

Presentation | February 2011 - Presentation Risk and Resilience: Considerations for Information Security ... By Julia H. Allen, James J. Cebula

In this presentation, the authors introduce audience members to the CERT Resilience Management Model.

Technical Note | July 2008 - Technical Note Preview of the Mission Assurance Analysis Protocol (MAAP) ... By Christopher J. Alberts, Audrey J. Dorofee, Lisa Marino

In this 2008 document, the authors preview a core set of activities and outputs that define a MAAP assessment.

Technical Note | May 2006 - Technical Note Applying OCTAVE: Practitioners Report By Carol Woody, Johnathan Coleman (No Affiliation), Michael Fancher (No Affiliation), Carol Myers (No Affiliation), Lisa R. Young

In this report, the authors describe how OCTAVE has been used and tailored to fit a wide range of organizational risk assessment needs.

Technical Note | January 2014 - Technical Note A Proven Method for Identifying Security Gaps in International ... By Greg Crabb (United States Postal Service), Julia H. Allen, Pamela D. Curtis, Nader Mehravari

In this report, the authors describe a method of identifying physical security gaps in international mail processing centers and similar facilities.