This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Talk:Industry:Project Review/NIST SP 800-37r1 FPD Chapter 2"
From OWASP
Dan Philpott (talk | contribs) (Installing layout of main document to structure comments) |
Dan Philpott (talk | contribs) (→2.3.1 Establishing Information System Boundaries) |
||
| Line 25: | Line 25: | ||
=== 2.3.1 Establishing Information System Boundaries === | === 2.3.1 Establishing Information System Boundaries === | ||
| − | + | Final chapter of this section is very concerning to me. Seems to imply that security of the Operating System is the paramount concern without regard to the fact that applications are where the majority of government data is held. [[User:Dan Philpott|Dan Philpott]] 03:26, 8 December 2009 (UTC) | |
=== 2.3.2 Boundaries for Complex Information Systems (System of Systems) === | === 2.3.2 Boundaries for Complex Information Systems (System of Systems) === | ||
Revision as of 03:26, 8 December 2009
CHAPTER TWO
THE FUNDAMENTALS
BASIC CONCEPTS ASSOCIATED WITH MANAGING RISK FROM INFORMATION SYSTEMS
2.1 INTEGRATED ENTERPRISE-WIDE RISK MANAGEMENT
2.2 SYSTEM DEVELOPMENT LIFE CYCLE
2.3 INFORMATION SYSTEM BOUNDARIES
2.3.1 Establishing Information System Boundaries
Final chapter of this section is very concerning to me. Seems to imply that security of the Operating System is the paramount concern without regard to the fact that applications are where the majority of government data is held. Dan Philpott 03:26, 8 December 2009 (UTC)
