This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Business Impact template
From OWASP
Revision as of 04:57, 13 February 2008 by Jeff Williams (talk | contribs) (BI template moved to Business Impact template)
Every Business Impact should follow this template.
Description
A business impact is the damage that results from a successful security breach. This should be the highest level impact to the business, not a glorified technical impact.
- Start with a one-sentence description of the business impact
- Describe the damage done to the business - money, loss of life, reputation, loss of customers, compliance, legal exposure
- Is the damage immediate or spread over a time period?
Risk Factors
- Talk about the factors that govern this business impact
- Try to be clear about the factors that make this impact serious
Examples
- Short example name
- One paragraph example description with links
- Short example name
- One paragraph example description with links
Related Technical Impacts
References
When the article is reviewed, the "Honeycomb" category can be removed and replaced with the "ASDR" category
[[Category:OWASP Honeycomb Project]]
[[Category:OWASP ASDR Project]]
