The SRMBOK Maturity Model
WELCOME
The Security Risk Management Aide-Memoire (SRMAM) is a short book based on the Security Risk Management Body of Knowledge (SRMBOK), with additional material, new research, and changes to reflect the 2018 update to the ISO 31000 Risk Management Standard. You can read most of the chapters in the blog articles below, plus new material that will form the basis for a second edition in the coming years.
- Sep 7, 2020
- 1 min
Security Risk Assessment Reports - Two Ways
- Aug 31, 2020
- 1 min
How to Structure a Security Risk Assessment Request
- Aug 24, 2020
- 1 min
How to Structure a Security Plan
- Aug 17, 2020
- 1 min
The Real Cost of Risk Treatments
- Aug 10, 2020
- 1 min
Writing Treatment Plans
- Aug 3, 2020
- 1 min
Which Risk Treatment to Choose? An 8-step Process
- Jul 27, 2020
- 1 min
The ISO-31000 Approach to Risk Treatment
- Jul 22, 2020
- 2 min
Vulnerability and control
- Jul 20, 2020
- 1 min
How to Document Complex Treatments?
- Jul 13, 2020
- 1 min
How to Communicate Risk Visually
- Jul 6, 2020
- 1 min
How to Structure a Security Briefing
- Jun 29, 2020
- 1 min
What is Expected Monetary Value?
- Jun 22, 2020
- 1 min
Where to Start with Risk Analysis? Inputs
- Jun 15, 2020
- 1 min
How Should You Structure Likelihood and Consequence Tables?
- Jun 8, 2020
- 3 min
Probability and Modelling Risk Expectancy
- Jun 1, 2020
- 1 min
What is the Stroud Matrix?
- May 25, 2020
- 3 min
What are Risk Matrices, and Should I Use Them?
- May 18, 2020
- 2 min
How Do You Estimate Risk?
- May 11, 2020
- 2 min
How Can We Effectively Use Our Risk Management Findings and Recommendations?