, (, , -). , . CRAMM 4.
CRAMM ()
Masquerading of User Identity by Insiders
Identification and Authentication
Logical Access Control
Accounting
Audit
Object Re-use
Security Testing
Software Integrity
Mobile Computing and Teleworking
Software Distribution
System Input/Output Controls
Network Access Controls
System Administration Controls
Application Input/Output Controls
Back-up of Data
Personnel
Security Education and Training
Security Policy
Security Infrastructure
Data Protection Legislation
Incident Handling
Compliance Checks
Masquerading of User Identity by Contracted Service Providers
Identification and Authentication
Logical Access Control
Accounting
Audit
Object Re-use
Security Testing
Software Integrity
Mobile Computing and Teleworking
Software Distribution
System Input/Output Controls
Network Access Controls
System Administration Controls
Application Input/Output Controls
Back-up of Data
Personnel
Security Education and Training
Security Policy
Security Infrastructure
Outsourcing
Data Protection Legislation
Incident Handling
Compliance Checks
Masquerading of User Identity by Outsiders
Identification and Authentication
Logical Access Control
Accounting
Audit
Object Re-use
Security Testing
Software Integrity
Mobile Computing and Teleworking
Software Distribution
System Input/Output Controls
Network Security Management
Network Access Controls
System Administration Controls
Application Input/Output Controls
Back-up of Data
Security Education and Training
Security Policy
Security Infrastructure
Data Protection Legislation
Incident Handling
Compliance Checks
(. . 3.3) , RiskWatch, .
3.3. ROI (Return on Investment)