Difference between revisions of "Business Impact template"

Revision as of 05:00, 13 February 2008

Every Business Impact should follow this template.

Description

A business impact is the damage that results from a successful security breach. This should be the highest level impact to the business, not a glorified technical impact.

Start with a one-sentence description of the business impact
Note the security interest that is damaged - confidentiality, integrity, availability, accountability
Describe the damage done to the business - money, loss of life, reputation, loss of customers, compliance, legal exposure
Is the damage immediate or spread over a time period?

Risk Factors

Talk about the factors that govern this business impact
Try to be clear about the factors that make this impact serious

Examples

Short example name: One paragraph example description with links

Short example name: One paragraph example description with links

Related Technical Impacts

References

When the article is reviewed, the "Honeycomb" category can be removed and replaced with the "ASDR" category [[Category:OWASP Honeycomb Project]] [[Category:OWASP ASDR Project]]

@@ Line 5: / Line 5: @@
 A business impact is the damage that results from a successful security breach. This should be the highest level impact to the business, not a glorified technical impact.
 # Start with a one-sentence description of the business impact
+# Note the security interest that is damaged - confidentiality, integrity, availability, accountability
 # Describe the damage done to the business - money, loss of life, reputation, loss of customers, compliance, legal exposure
 # Is the damage immediate or spread over a time period?

Difference between revisions of "Business Impact template"

Revision as of 05:00, 13 February 2008

Description

Risk Factors

Examples

Related Technical Impacts

References

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools