Difference between revisions of "Talk:Industry:Project Review/NIST SP 800-37r1 FPD Chapter 2"

Revision as of 03:40, 8 December 2009

1 2.1 INTEGRATED ENTERPRISE-WIDE RISK MANAGEMENT
2 2.2 SYSTEM DEVELOPMENT LIFE CYCLE
3 2.3 INFORMATION SYSTEM BOUNDARIES
4 2.4 SECURITY CONTROL ALLOCATION

CHAPTER TWO

THE FUNDAMENTALS

BASIC CONCEPTS ASSOCIATED WITH MANAGING RISK FROM INFORMATION SYSTEMS

2.1 INTEGRATED ENTERPRISE-WIDE RISK MANAGEMENT

2.2 SYSTEM DEVELOPMENT LIFE CYCLE

2.3 INFORMATION SYSTEM BOUNDARIES

2.3.1 Establishing Information System Boundaries

Final chapter of this section is very concerning to me. Seems to imply that security of the Operating System is the paramount concern without regard to the fact that applications are where the majority of government data is held. Dan Philpott 03:26, 8 December 2009 (UTC)

2.3.2 Boundaries for Complex Information Systems (System of Systems)

2.3.3 Dynamic Subsystems

2.4 SECURITY CONTROL ALLOCATION

Revision as of 03:26, 8 December 2009 (view source) Dan Philpott (talk \| contribs) (→‎2.3.1 Establishing Information System Boundaries) ← Older edit		Revision as of 03:40, 8 December 2009 (view source) Dan Philpott (talk \| contribs) Newer edit →
Line 28:		Line 28:

	=== 2.3.2 Boundaries for Complex Information Systems (System of Systems) ===		=== 2.3.2 Boundaries for Complex Information Systems (System of Systems) ===
		+
		+
		+
		+	=== 2.3.3 Dynamic Subsystems ===

Difference between revisions of "Talk:Industry:Project Review/NIST SP 800-37r1 FPD Chapter 2"

Revision as of 03:40, 8 December 2009

2.1 INTEGRATED ENTERPRISE-WIDE RISK MANAGEMENT

2.2 SYSTEM DEVELOPMENT LIFE CYCLE

2.3 INFORMATION SYSTEM BOUNDARIES

2.3.1 Establishing Information System Boundaries

2.3.2 Boundaries for Complex Information Systems (System of Systems)

2.3.3 Dynamic Subsystems

2.4 SECURITY CONTROL ALLOCATION

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools