The SRMBOK Maturity Model
Security Risk Management Body of Knowledge (SRMBOK)
The SRMBOK maturity model addresses the following four levels: Level 1 INITIAL Level...
The Security Risk Management Aide-Memoire (SRMAM) is a short book based on the Security Risk Management Body of Knowledge (SRMBOK), with additional material, new research, and changes to reflect the 2018 update to the ISO 31000 Risk Management Standard. You can read most of the chapters in the blog articles below, plus new material that will form the basis for a second edition in the coming years.
The SRMBOK Maturity Model
Security Risk Assessment Reports - Two Ways
How to Structure a Security Risk Assessment Request
How to Structure a Security Plan
The Real Cost of Risk Treatments
Writing Treatment Plans
Which Risk Treatment to Choose? An 8-step Process
The ISO-31000 Approach to Risk Treatment
Vulnerability and control
How to Document Complex Treatments?
How to Communicate Risk Visually
How to Structure a Security Briefing
What is Expected Monetary Value?
Where to Start with Risk Analysis? Inputs
How Should You Structure Likelihood and Consequence Tables?
Probability and Modelling Risk Expectancy
What is the Stroud Matrix?
What are Risk Matrices, and Should I Use Them?
How Do You Estimate Risk?
How Can We Effectively Use Our Risk Management Findings and Recommendations?