Project Tools For Risk
Good evening folks, recently I have tested out a risk management software tool and was wondering if there are any more?
Answer Question
| February 27, 2013 9:58 PM
Risk management
Good evening folks, recently I have tested out a risk management software tool and was wondering if there are any more?
Answer Question
| February 27, 2013 9:58 PM
Risk management
Social Networking sites?
Is it acceptable to allow access to social networking sites from company PC’s?
Answer Question
| May 12, 2010 1:01 PM
IT security, Risk management, Social media security
Is it acceptable to allow access to social networking sites from company PC’s?
Answer Question
| May 12, 2010 1:01 PM
IT security, Risk management, Social media security
risk management in IT
what is the role of risk manager in IT industry.mean what responsibilites he have?
Answer Question
| August 29, 2009 6:33 AM
Risk management, Risk Manager
what is the role of risk manager in IT industry.mean what responsibilites he have?
Answer Question
| August 29, 2009 6:33 AM
Risk management, Risk Manager
How do you create a Business Case for Security?
In a nutshell, which would be a good way of putting together a business case for a solution that mitigates security risks, when the “income” generated by the solution is not easy to define?
Answer Question
| August 29, 2009 1:22 PM
Information security, Risk management
In a nutshell, which would be a good way of putting together a business case for a solution that mitigates security risks, when the “income” generated by the solution is not easy to define?
Answer Question
| August 29, 2009 1:22 PM
Information security, Risk management
Risk Assessment for Application Systems
Can please share the risk assessment methods/ questionnaires/approach for application systems.We understand that the assessment may cover technology, people, and process. We need to come-out with the assessment report indicating the risk level & rating of the application systems.
Answer Question
| June 30, 2009 3:49 AM
Application security, Risk analysis, Risk assessment, Risk management
Can please share the risk assessment methods/ questionnaires/approach for application systems.We understand that the assessment may cover technology, people, and process. We need to come-out with the assessment report indicating the risk level & rating of the application systems.
Answer Question
| June 30, 2009 3:49 AM
Application security, Risk analysis, Risk assessment, Risk management
How to do a security assessment in a hospital environment?
Possible questions to ask to employee working in a hospital enironment when you are conducting security assessment?
Answer Question
| May 20, 2009 9:47 AM
Risk management, Security accessment, Security audits
Possible questions to ask to employee working in a hospital enironment when you are conducting security assessment?
Answer Question
| May 20, 2009 9:47 AM
Risk management, Security accessment, Security audits
What to do when files taken by hacker?
what to do if files were taken by a hacker
Answer Question
| April 21, 2009 1:48 AM
Data security breaches, Files taken by Hacker, Hacked, Information security, Risk management, Security forensics
what to do if files were taken by a hacker
Answer Question
| April 21, 2009 1:48 AM
Data security breaches, Files taken by Hacker, Hacked, Information security, Risk management, Security forensics
Checklist for managing risk of Data Center power shutdown
We are planning to have a shutdown of power at data center to upgrade electrical power feeder. In doing so, we need to know the checklist to ensure risks associated during the initiative are minimized and controlled. We have hundreds of servers located at the data center that store appls and databases.
Answer Question
| February 17, 2009 3:12 AM
Data center maintenance, Data center operations, Data Center power management, Risk assessment, Risk management
We are planning to have a shutdown of power at data center to upgrade electrical power feeder. In doing so, we need to know the checklist to ensure risks associated during the initiative are minimized and controlled. We have hundreds of servers located at the data center that store appls and databases.
Answer Question
| February 17, 2009 3:12 AM
Data center maintenance, Data center operations, Data Center power management, Risk assessment, Risk management
USB port control policy
My company plan to roll out a policy on USB port control. I need guide to draft the policy.
Answer Question
| February 18, 2009 2:01 AM
Endpoint security, Policies, Risk management, Security policies, USB, USB port security
My company plan to roll out a policy on USB port control. I need guide to draft the policy.
Answer Question
| February 18, 2009 2:01 AM
Endpoint security, Policies, Risk management, Security policies, USB, USB port security
What is the best way to implement a risk assessment in an IT department that will align COBIT controls with risks?
A compliance officer in Europe could use some advice from fellow IT professionals and executives. His IT budget is being scrutinized, as is the case in every organization in 2009; he needs targets to get things done more efficiently but without taking on more risk. His department is evaluating benchmarking IT application controls as a [...]
Answer Question
| March 23, 2009 6:04 PM
COBIT, Compliance, IT Compliance, regulatory compliance, Risk assessment, Risk management
A compliance officer in Europe could use some advice from fellow IT professionals and executives. His IT budget is being scrutinized, as is the case in every organization in 2009; he needs targets to get things done more efficiently but without taking on more risk. His department is evaluating benchmarking IT application controls as a [...]
Answer Question
| March 23, 2009 6:04 PM
COBIT, Compliance, IT Compliance, regulatory compliance, Risk assessment, Risk management
Video Conference risk & security policy
1. What is the risk with allowing the usage of video conference or web conference within an organization? 2. given this context, any sample of security policy?
Answer Question
| July 26, 2008 1:52 PM
Risk management, Security policies, Video conferencing
1. What is the risk with allowing the usage of video conference or web conference within an organization? 2. given this context, any sample of security policy?
Answer Question
| July 26, 2008 1:52 PM
Risk management, Security policies, Video conferencing
Security!!
What security measures are considered when designing a web-application (besides the SSL encryption)? And what technologies are used to protect the application from brute-force, phishing, and pharming attacks.”
Answer Question
| June 25, 2008 7:30 AM
Risk management, Security protocols, Web security
What security measures are considered when designing a web-application (besides the SSL encryption)? And what technologies are used to protect the application from brute-force, phishing, and pharming attacks.”
Answer Question
| June 25, 2008 7:30 AM
Risk management, Security protocols, Web security
Risk Management
I’m looking for information about the most pressing issues facing risk managers.
Answer Question
| March 27, 2008 2:16 PM
Risk management, Risk management metrics
I’m looking for information about the most pressing issues facing risk managers.
Answer Question
| March 27, 2008 2:16 PM
Risk management, Risk management metrics
Selecting an area within security to start
Hi, I’m studying for an MSc in Information Security from Royal Holloway University of London, I have a B.Engg. degree in computers and a PG Diploma in Networking and Communication as well as the CCSA and CCNA. I’m also studying for the CISSP. Now, with all these qualifications, could you please tell me which would [...]
Answer Question
| June 25, 2008 4:06 PM
Access control, Application security, Biometrics, Browsers, Career development, CCNA, CCSA, Certifications, CISSP, Compliance, configuration, CRM, Current threats, Database, Digital certificates, Disaster Recovery, Encryption, Exchange, Firewalls, Forensics, Hacking, Identity & Access Management, Incident response, Intrusion management, MCSE, Network security, Networking, patching, PEN testing, Platform Security, Policies, Risk management, Secure Coding, Security, Security Program Management, Spyware, SSL/TLS, Trojans, Viruses, VPN, vulnerability management, Web security, Wireless, worms
Hi, I’m studying for an MSc in Information Security from Royal Holloway University of London, I have a B.Engg. degree in computers and a PG Diploma in Networking and Communication as well as the CCSA and CCNA. I’m also studying for the CISSP. Now, with all these qualifications, could you please tell me which would [...]
Answer Question
| June 25, 2008 4:06 PM
Access control, Application security, Biometrics, Browsers, Career development, CCNA, CCSA, Certifications, CISSP, Compliance, configuration, CRM, Current threats, Database, Digital certificates, Disaster Recovery, Encryption, Exchange, Firewalls, Forensics, Hacking, Identity & Access Management, Incident response, Intrusion management, MCSE, Network security, Networking, patching, PEN testing, Platform Security, Policies, Risk management, Secure Coding, Security, Security Program Management, Spyware, SSL/TLS, Trojans, Viruses, VPN, vulnerability management, Web security, Wireless, worms
Procedures for a new area.
We are a company where we have expirience on network remote administration and now we have open a new area, The area of security. Now I need to start to make new procedures like when a new customer come to us and ask if we can handle the security for his network… I need to [...]
Answer Question
| May 28, 2008 10:13 PM
Access control, Application security, backdoors, Biometrics, Browsers, Cabling, Compliance, configuration, CRM, Current threats, Database, DataCenter, Digital certificates, Disaster Recovery, Encryption, Exchange, filtering, Firewalls, Forensics, Hacking, Hardware, Hubs, human factors, Identity & Access Management, Incident response, Instant Messaging, Intrusion management, Network management software, Network security, Networking, Outsourcing, patching, PEN testing, Platform Security, Policies, Project management, provisioning, Remote management, Risk management, Routers, Secure Coding, Security, Security Program Management, Security tokens, Servers, Single sign-on, Spyware, SSL/TLS, Switches, Trojans, Viruses, VPN, vulnerability management, Web security, Wireless, worms
We are a company where we have expirience on network remote administration and now we have open a new area, The area of security. Now I need to start to make new procedures like when a new customer come to us and ask if we can handle the security for his network… I need to [...]
Answer Question
| May 28, 2008 10:13 PM
Access control, Application security, backdoors, Biometrics, Browsers, Cabling, Compliance, configuration, CRM, Current threats, Database, DataCenter, Digital certificates, Disaster Recovery, Encryption, Exchange, filtering, Firewalls, Forensics, Hacking, Hardware, Hubs, human factors, Identity & Access Management, Incident response, Instant Messaging, Intrusion management, Network management software, Network security, Networking, Outsourcing, patching, PEN testing, Platform Security, Policies, Project management, provisioning, Remote management, Risk management, Routers, Secure Coding, Security, Security Program Management, Security tokens, Servers, Single sign-on, Spyware, SSL/TLS, Switches, Trojans, Viruses, VPN, vulnerability management, Web security, Wireless, worms
Compliance to Acts
How can softwares for url/content filtering or mail scanning be made compliant to HIPAA , Sarbanes-oxley act etc. … What all features are required to be implemented to make them compliant ????
Answer Question
| March 3, 2007 9:55 AM
Compliance, CRM, Disaster Recovery, Laws, Policies, Regulations, Risk management, Security Program Management, standards
How can softwares for url/content filtering or mail scanning be made compliant to HIPAA , Sarbanes-oxley act etc. … What all features are required to be implemented to make them compliant ????
Answer Question
| March 3, 2007 9:55 AM
Compliance, CRM, Disaster Recovery, Laws, Policies, Regulations, Risk management, Security Program Management, standards
Moving into the InfoSec role
I work at a company that currently does not have a position dedicated to information security. I come from a background in networking with a good portion of my focus on firewalls and other security related technologies. I am interested in positioning myself into the role of InfoSec Admin at my compnay and was hoping [...]
Answer Question
| December 22, 2006 1:36 PM
Access control, Application security, backdoors, Biometrics, Browsers, Compliance, configuration, CRM, Current threats, Database, Digital certificates, Disaster Recovery, Encryption, Exchange, filtering, Firewalls, Forensics, Hacking, human factors, Identity & Access Management, Incident response, Instant Messaging, Intrusion management, Network security, patching, PEN testing, Platform Security, Policies, provisioning, Risk management, Secure Coding, Security, Security Program Management, Security tokens, Servers, Single sign-on, Spyware, SSL/TLS, Trojans, Viruses, VPN, vulnerability management, Web security, Wireless, worms
I work at a company that currently does not have a position dedicated to information security. I come from a background in networking with a good portion of my focus on firewalls and other security related technologies. I am interested in positioning myself into the role of InfoSec Admin at my compnay and was hoping [...]
Answer Question
| December 22, 2006 1:36 PM
Access control, Application security, backdoors, Biometrics, Browsers, Compliance, configuration, CRM, Current threats, Database, Digital certificates, Disaster Recovery, Encryption, Exchange, filtering, Firewalls, Forensics, Hacking, human factors, Identity & Access Management, Incident response, Instant Messaging, Intrusion management, Network security, patching, PEN testing, Platform Security, Policies, provisioning, Risk management, Secure Coding, Security, Security Program Management, Security tokens, Servers, Single sign-on, Spyware, SSL/TLS, Trojans, Viruses, VPN, vulnerability management, Web security, Wireless, worms
wireless vlan
hi all, is it possible to have one link from a switch to an access point and split the network into two networks a wireless network from the AP and a wired port for a user connected thru RJ45 and still keep it secured.
Answer Question
| October 1, 2008 3:04 AM
Availability, Bandwidth, Compliance, configuration, CRM, Disaster Recovery, Ethernet, FDDI, H.323, IPv4, IPv6, Network protocols, Networking, patching, PEN testing, Platform Security, Policies, Risk management, Security, Security Program Management, TCP, VoIP, vulnerability management, Wireless
hi all, is it possible to have one link from a switch to an access point and split the network into two networks a wireless network from the AP and a wired port for a user connected thru RJ45 and still keep it secured.
Answer Question
| October 1, 2008 3:04 AM
Availability, Bandwidth, Compliance, configuration, CRM, Disaster Recovery, Ethernet, FDDI, H.323, IPv4, IPv6, Network protocols, Networking, patching, PEN testing, Platform Security, Policies, Risk management, Security, Security Program Management, TCP, VoIP, vulnerability management, Wireless
Blue Socket Gateway and Certificates
We are currently attempting to implement a Blue Socket Gateway in order to authenticate our wireless clients. I have been instructed by Blue Socket that the certificate used by them will not work through a NAT translation and that I should put this device on the outside of my ASA firewall. Apparently, when the Blue [...]
Answer Question
| November 8, 2006 5:05 PM
Access control, Active Directory, Application security, Browsers, Compliance, CRM, Database, Desktops, Disaster Recovery, Encryption, Exchange, filtering, Firewalls, Forensics, Incident response, Instant Messaging, Intrusion management, Management, Microsoft Windows, Network security, Networking, OS, Policies, Risk management, Secure Coding, Security, Security Program Management, Servers, SQL Server, SSL/TLS, VPN, Web security, Wireless
We are currently attempting to implement a Blue Socket Gateway in order to authenticate our wireless clients. I have been instructed by Blue Socket that the certificate used by them will not work through a NAT translation and that I should put this device on the outside of my ASA firewall. Apparently, when the Blue [...]
Answer Question
| November 8, 2006 5:05 PM
Access control, Active Directory, Application security, Browsers, Compliance, CRM, Database, Desktops, Disaster Recovery, Encryption, Exchange, filtering, Firewalls, Forensics, Incident response, Instant Messaging, Intrusion management, Management, Microsoft Windows, Network security, Networking, OS, Policies, Risk management, Secure Coding, Security, Security Program Management, Servers, SQL Server, SSL/TLS, VPN, Web security, Wireless
security problem
Hello, I have small workgroup having 10 computers in my office. I do some personal work in office like using yahoo messenger, checking personal e-mails and some online banking site. But how does one of my senior knows it? I do everything lonely and securely so that nobody in the office knows it. But he [...]
Answer Question
| February 19, 2008 3:44 AM
Access control, Application security, backdoors, Backup & recovery, Biometrics, Browsers, Career development, Compliance, configuration, CRM, Current threats, Data analysis, Database, DataCenter, DataManagement, DB2, Desktop management applications, Development, DHCP, Digital certificates, Disaster Recovery, DNS, Ecommerce applications, Encryption, Enterprise Desktop, Exchange, Exchange security, filtering, Firewalls, Forensics, Hacking, human factors, Identity & Access Management, Incident response, Instant Messaging, Intel, Interoperability, Intrusion management, LANDesk, Lotus Domino, McAfee, Microsoft Systems Management Server, Microsoft Windows, Mobile security, Network security, Networking, Networking services, Oracle, patching, PC/Windows Connectivity, PEN testing, Platform Security, Policies, Postini, provisioning, Risk management, Secure Coding, Security, Security Program Management, Security tokens, Servers, Single sign-on, Software, Spam, Spyware, SSL/TLS, Symantec, Systems management software, Tech support, Trojans, Vector Networks, Viruses, VPN, vulnerability management, Web security, Wireless, worms
Hello, I have small workgroup having 10 computers in my office. I do some personal work in office like using yahoo messenger, checking personal e-mails and some online banking site. But how does one of my senior knows it? I do everything lonely and securely so that nobody in the office knows it. But he [...]
Answer Question
| February 19, 2008 3:44 AM
Access control, Application security, backdoors, Backup & recovery, Biometrics, Browsers, Career development, Compliance, configuration, CRM, Current threats, Data analysis, Database, DataCenter, DataManagement, DB2, Desktop management applications, Development, DHCP, Digital certificates, Disaster Recovery, DNS, Ecommerce applications, Encryption, Enterprise Desktop, Exchange, Exchange security, filtering, Firewalls, Forensics, Hacking, human factors, Identity & Access Management, Incident response, Instant Messaging, Intel, Interoperability, Intrusion management, LANDesk, Lotus Domino, McAfee, Microsoft Systems Management Server, Microsoft Windows, Mobile security, Network security, Networking, Networking services, Oracle, patching, PC/Windows Connectivity, PEN testing, Platform Security, Policies, Postini, provisioning, Risk management, Secure Coding, Security, Security Program Management, Security tokens, Servers, Single sign-on, Software, Spam, Spyware, SSL/TLS, Symantec, Systems management software, Tech support, Trojans, Vector Networks, Viruses, VPN, vulnerability management, Web security, Wireless, worms
