Pro+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
July 2003

SRP evaluation criteria: Tools to enable security as a process

In the July 2003 Information Security magazine cover story, IT risk assessment: Using security resource planning products to improve, we evaluated three security resource planning (SRP) products based on the key criteria listed below.  Framework/approach. Each SRP vendor has a different framework and varied approach to managing risk. The usage and processes that map inherently to the application will help the organization integrate a solution into its environment to evaluate risk levels, apply controls and remediate vulnerabilities. Risk measurement. Measuring risk, even in a basic way, allows enterprises to identify those areas that require protection and prioritize the workload. Vendors should provide some level of risk measurement, whether it's at a general level (high, medium, low) or more quantitative and specific. Measurement aids in risk evaluation and follow-up assessment of remediation activity. Content and knowledge management. The ability to capture and distill public security information--alerts, patch updates, etc.-...

Features in this issue

Columns in this issue

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

-ADS BY GOOGLE

Close