Access control, Antivirus, Antivirus software, Application security, Auditing, Authentication, Biometrics, Current threats, cybersecurity, Digital certificates, Encryption, Endpoint security, Firewall, Firewalls, Forensics, Hacking, Identity & Access Management, Incident response, Information risk management, Information security, Intrusion management, ISA Server, malware, McAfee, Password, Password management, Patch management, patching, PEN testing, Platform Security, Risk management, Secure Coding, Security in 2010, Security management, Security products, Security Program Management, Security tokens, SFTP, Single sign-on, Spyware, SSL, SSL/TLS, Symantec, Trojans, User Permissions, Viruses, vulnerability management, Web security, Windows Security, worms VIEW ALL TAGS
Good Morning, I'm fairly new at my postion as an Information Security Officer (ISO) and I wanted to know how to prepare a letter to the Designated Aproving Authority (DAA) on the "Risk Assuptions" or " "Statement of Residual Risk". There are items on my Plan of Action and Milestone (POA&M) that...
What benchmark can be used in the comprehensive security review of a self-service system (i.e. touch-screen kiosk based and web-based) in any industry?