This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Talk:Industry:Project Review/NIST SP 800-37r1 FPD Chapter 2"
From OWASP
Dan Philpott (talk | contribs) |
Dan Philpott (talk | contribs) (Added footnotes section.) |
||
Line 36: | Line 36: | ||
== 2.4 SECURITY CONTROL ALLOCATION == | == 2.4 SECURITY CONTROL ALLOCATION == | ||
+ | |||
+ | |||
+ | |||
+ | ==Footnotes== | ||
+ | |||
[[Category:GIC-NISTSP80037r1FPD]] | [[Category:GIC-NISTSP80037r1FPD]] |
Revision as of 02:35, 16 December 2009
CHAPTER TWO
THE FUNDAMENTALS
BASIC CONCEPTS ASSOCIATED WITH MANAGING RISK FROM INFORMATION SYSTEMS
2.1 INTEGRATED ENTERPRISE-WIDE RISK MANAGEMENT
2.2 SYSTEM DEVELOPMENT LIFE CYCLE
2.3 INFORMATION SYSTEM BOUNDARIES
2.3.1 Establishing Information System Boundaries
Final chapter of this section is very concerning to me. Seems to imply that security of the Operating System is the paramount concern without regard to the fact that applications are where the majority of government data is held. Dan Philpott 03:26, 8 December 2009 (UTC)