|
Posted by JWMeritt on July 3, 2004, 7:48 pm
If you were Registered and logged in, you could reply and use other advanced thread options
David Watson wrote:
>I am trying to compile a list of the potential risks in an IT environment.
And how are you defining the difference between 'threat', 'impact',
'expectancy' and 'risk'?
Why are you not using the lists from CSI or NIST?
...........................................................................
...........................................
http://profiles.yahoo.com/jwmeritt and http://hometown.aol.com/jwmeritt/
James W. Meritt, CISSP, CISA
| 
XML site map