Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type


Publication Date

Showing 1 - 10 of 76 results for the Risk Assessment

Technical Note | October 2016 - Technical Note A Mapping of the Federal Financial Institutions Examination ... By Jeffrey L. Pinckard, Michael Rattigan, Robert A. Vrtis

To help financial organizations assess cyber resilience, we map FFIEC Cybersecurity Assessment Tool (CAT) statements to Cyber Resilience Review (CRR) questions.

Brochure | November 2015 - Brochure Insider Threat Vulnerability Assessment

This brochure describes the Insider Threat Vulnerability Assessment and benefits of conducting one on your organization.

Technical Report | May 2007 - Technical Report Introducing OCTAVE Allegro: Improving the Information ... By Richard A. Caralli, James F. Stevens, Lisa R. Young, William R. Wilson

In this 2007 report, the authors highlight the design considerations and requirements for OCTAVE Allegro based on field experience.

Presentation | February 2011 - Presentation Risk and Resilience: Considerations for Information Security ... By Julia H. Allen, James J. Cebula

In this presentation, the authors introduce audience members to the CERT Resilience Management Model.

Presentation | November 2010 - Presentation Goal-Based Assessment for the Cybersecurity of Critical ...

In this presentation, Software Engineering Institute researchers show how using assurance cases can improve the results of cybersecurity risk assessments.

Technical Note | July 2008 - Technical Note Preview of the Mission Assurance Analysis Protocol (MAAP) ... By Christopher J. Alberts, Audrey J. Dorofee, Lisa Marino

In this 2008 document, the authors preview a core set of activities and outputs that define a MAAP assessment.

Technical Note | May 2006 - Technical Note Applying OCTAVE: Practitioners Report By Carol Woody, Johnathan Coleman (No Affiliation), Michael Fancher (No Affiliation), Carol Myers (No Affiliation), Lisa R. Young

In this report, the authors describe how OCTAVE has been used and tailored to fit a wide range of organizational risk assessment needs.

Technical Note | January 2014 - Technical Note A Proven Method for Identifying Security Gaps in International ... By Greg Crabb (United States Postal Service), Julia H. Allen, Pamela D. Curtis, Nader Mehravari

In this report, the authors describe a method of identifying physical security gaps in international mail processing centers and similar facilities.

Brochure | June 2009 - Brochure SGMM: First Annual Report on Smart Grid Implementation

As of July 2009, 53 utilities have completed the Smart Grid Maturity Model (SGMM) assessment. Results indicate that most utilities are just starting smart grid implementation and are focusing their efforts on one or two of the eight SGMM domains.

Brochure | February 2011 - Brochure Customized Insider Threat Executive Workshop

This brochure describes the Customized Insider Threat Executive Workshop, which focuses on an organization's specific insider threat needs and objectives.