- Sprint WiMAX service now online in Baltimore
- Nintendo to launch DS with camera, music player
- 50 tools to speed up your PC
- VMware KOs a roughly built Hyper-V package
- Enterprises overpay for antivirus software
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:Application Performance Solutions | App Performance | Networking Solution | SOA | Value of WDS
With a goal of getting IT professionals to use standard terminology and eliminate ambiguity in expressing important risk-management concepts, the Open Group is finalizing a 50-page compendium of "risk-management and analysis taxonomy."
The Open Group Security Forum's risk taxonomy of about 100 expressions will not only address seemingly simple words such as threat, vulnerability and risk, but less common terms such as control strength.
The taxonomy study, which is expected to be publicly available around August, will be based on intellectual property contributed by Open Group member Risk Management Insight.
"There have been different ways of doing this for decades," says Jim Hietala, vice president of security at the Open Group
about the process and terms used to describe and evaluate risk. "This effort attempts to define a common set of terms around risk management."
Also around August, the Open Group will also begin working on a second phase of the project, which centers on risk-assessment
methodology, Hietala says. The Open Group is not a standards body and doesn't intend to come up with alternatives to industry
standards such as the Control Objectives for Information and related Technology (CoBIT) framework, but will concentrate its
efforts on establishing common criteria expressed as components, methodology and characteristics. That work is expected to
be completed by year end.
Easy-to-Use VeriSign(r) Web-Based Services Speed SSL Certificate Management and Cut Total Cost of...
Businesses Bank on SSL SolutionsLearn how financial institutions are helping their customers stay safe from phishing attacks in the...
Ten Ways to Protect Your IT Infrastructure: Reduce Costs while protecting critical business systemsPower, cooling and security issues can put your IT systems at risk. Find out how to provide clean,...
Life on the edge of your WAN has changed dramatically. With the need to deliver advanced services,...
PoE Plus: Impact on the PoE MarketThe standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...
Key Considerations for a Successful 802.11n DeploymentFind out how to successfully deploy 802.11n to support an all-wireless enterprise in this webcast....
We have so many holes punched in our firewalls today that many industry insiders question the value...
The self-managed networkWe aren't there yet, but advances in network and systems management tools are making it possible to...
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment