SEARCH RESULTS
 
Showing 1-10 of 28 records
 
The Checklist

2008-02-07 20:14:00 by Security Retentive in Security Retentive
 
...Checklist." The article is a fantastic read and I highly recommend it, even if you're not interested in medicine. It is well written and quite engaging about how doctors handle a ridiculously complex topic - intensive care. Like Brian, I was struck by how closely the article can parallel some of the problems we face in trying to develop...
 
 
 
 
 
CHECKLISTS ARE NOT FOR DUMMIES, BUT THEY SURE ARE DUMB!

2008-06-11 13:51:33 by Alex in RiskAnalys.is
...Checklists are Not For Dummies, Dummy which looks at the use of checklists and how they are important for quality and the reduction of variance. I think it's important in this day and age of Security Through Diligence to take a look at what checklists can and cannot do, because Mark makes an important point - reminding us that there is a time...
 
 
 
 
 
Who should do your security audits? Or, how do you organize the security department?

2008-02-07 22:25:32 by Steve Riley in Steve Riley on Security
 
...checklist slave. Especially if your checklist is something you downloaded from the Internet. Remember: these checklists are only guidance, good ideas written by a person (or a committee) based on that person's risk tolerance. Effective auditors develop relationships with people in the other three groups: standards, alignment, and operations....
 
 
 
 
 
RSA Impressions - 2: Compliance "Megatrends"

2008-04-08 17:47:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...checklist (losing the original intent of improving security). She also disliked that PCI compliance evaluation is bad: based on a "dumb" control checklist, not on measuring effectiveness of "meaningful controls." I think this is true to some extent; but I'd hate to blame it on PCI DSS standard itself. Finally, panels' take on "What will happen...
 
 
 
 
 
Checklists Are Not For Dummies, Dummy!

2008-05-24 11:50:10 by mcurphey in Mark Curphey - SecurityBuddha.com
 
At the OWASP Conference in Belgium this week I had a slide about checklists. This is the story behind the slide. My boss at Microsoft has a friend who is a pilot. He did his pre-take-off checklist and was cleared to taxi onto the runway by air traffic control. He consulted his checklist one
 
 
 
 
 
Building a Security Architecture Blueprint

2008-05-16 09:26:55 by Gunnar Peterson in 1 Raindrop
 
...checklist that the final four assigns you drive your program, use a framework that incorporates the business and its goals. A number of people commented on my post on GRC Rich Mogull Much of what we call GRC should really be features of your ERP and accounting software. ... It's an additional, very highly priced, reporting layer. ...A GRC tool...
 
 
 
 
 
Fun Reading on Security - 5

2008-07-11 17:57:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...Checklist A great WAF battle rages on (here and in many other places). PCI + June 30 + 6.6 + WAF = BOOM How do you protect from IT admins "going bad?" Separate data and infrastructure (easier said than done, for sure). Another related one is "Staff more dangerous than hackers" Curious about PCI DSS compliance outside the US? Read this and...
 
 
 
 
 
Ask the Auditor: Who is Responsible for Information Security?

2007-12-29 06:24:50 by Editor in Security Links
 
...Checklist Project: ISO 17799 9. The Center for Internet Security 10. The Information Systems Security Association (ISSA) 11. The Computer Security Division (CSD) of the National Institute of Standards and Technology (NIST), including the Federal Information Security Management Act (FISMA) library 12. Information Security Governance: Guidance...
 
 
 
 
 
Fatal wine waiters

2007-12-20 18:59:04 by Richard Clayton in Light Blue Touchpaper
 
...Checklist appears to be entirely covered by copyright, yet it has been rendered into this amusement In harmony to create sure you get what youve been looking for from a qualified confusion put hosting server, here are a few stuff you should take into tally before deciding on a confusion hosting provider where youll see that site has become...
 
 
 
 
 
CMS HIPAA Compliance Review Checklist