Sumários

26 Outubro 2017, 16:30 • Ana Respicio

Introduction to ISO/IEC 27005 and 31000; Enisa documents. More frameworks and guidelines: Octave, Itil, Cobit, ISO/IEC 27005:2011, and NIST SP800-30.

Business case for IS: ALE revisited. Complementary to ALE metrics.

TP: presentations of the students on frameworks and guidelines. Assignment: auto-study ISO/IEC 27005:2011, NP ISO 31000:2013.

19 Outubro 2017, 18:30 • Ana Respicio

No lecture: the Professor was on external mission. Auto-study: paper review.

19 Outubro 2017, 16:30 • Ana Respicio

No lecture: the Professor was on external mission. Auto-study: paper review.

12 Outubro 2017, 18:30 • Ana Respicio

My favorite data breach: students fast talks.

12 Outubro 2017, 16:30 • Ana Respicio

Risk identification: the TVA table.

Risk assessment. Risk scoring. Risk ranking.

Documenting the results of risk assessment.

Controlling Risk. Risk control strategies.ISO/IEC 27005:2011 standard.

Readings: Whitman & Mattord, chapters 8 and 9. ISO/IEC 27005:2011.