Premium Content

Access "SRP evaluation criteria: Tools to enable security as a process"

Published: 01 Jul 2003

In the July 2003 Information Security magazine cover story, IT risk assessment: Using security resource planning products to improve, we evaluated three security resource planning (SRP) products based on the key criteria listed below.  Framework/approach. Each SRP vendor has a different framework and varied approach to managing risk. The usage and processes that map inherently to the application will help the organization integrate a solution into its environment to evaluate risk levels, apply controls and remediate vulnerabilities. Risk measurement. Measuring risk, even in a basic way, allows enterprises to identify those areas that require protection and prioritize the workload. Vendors should provide some level of risk measurement, whether it's at a general level (high, medium, low) or more quantitative and specific. Measurement aids in risk evaluation and follow-up assessment of remediation activity. Content and knowledge management. The ability to capture and distill public security information--alerts, patch updates, etc.--allows an enterprise to ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside


More Premium Content Accessible For Free