Published under Risk Management


Basel Committee on Banking Supervision, Risk Management Principles for Electronic Banking, May 2001


ISO/IEC 15408-1:2005, Information technology - Security techniques - Evaluation criteria for IT security


CobiT, Control Objectives for Information and related Technology, IT Governance Institute


Expression of Needs and Identification of Security Objectives, Premier Ministre, Secrétariat général de la défense nationale, Direction centrale de la sécurité des systèmes d’information, Sous-direction des opérations, Bureau conseil

Emerging Risk ENISA

ENISA Study on Emerging Risks: Security and Privacy Risks in Future IT (provisional title), ENISA, to appear in 2006

Emerging Risk IPTS

Final Report – Future Threats and Crimes In An Ambient Intelligent Everyday Environment, Dr J R Walton, 2005, supplied by QinetiQ and Transcrime for JRC / IPTS

ENISA Regulation

REGULATION (EC) No 460/2004 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 10 March 2004 establishing the European Network and Information Security Agency


“ENISA-BSI Information Security Management Days”, Bonn, Germany 10/11/2005


ENISA ad hoc Working Group on technical and policy aspects of Risk Assessment and Risk Management, June 2005 – March 2006

Guide 73

ISO/IEC Guide 73:2002, Risk management - Vocabulary - Guidelines for use in standards


Neil Storey: Safety-critical computer systems; Addison-Wesley, 1996

ISO 13335-2

ISO/IEC TR 13335-2:1997, Information technology - Guidelines for the management of IT Security -
Part 2: Managing and planning IT Security

ISO 17799

ISO/IEC 17799:2005, Information technology - Security techniques - Code of practice for information security management


BSI-Standard 100-1, 100-2, 100-3, BSI recommendations on methods, processes and procedures as well as approaches and measures relating to information security


IT Infrastructure Library, OGC – Office of Government Commerce, also released as:
ISO/IEC 20000:2005, Information technology - Service management


Information Technology Security Evaluation Criteria (ITSEC), Luxembourg: Office for Official Publications of the European Communities, 1991


G. Stoneburner, A. Goguen, A. Feringa, Risk Management Guide for Information Technology Systems, Recommendations of the National Institute of Standards and Technology, July 2002


OCTAVE Method Implementation Guide Version 2.0, Carnegie Mellon University, June 2001


Arcangelo Ricchiuto, Diploma work: “ITIL and Risk Management process integration”, University of Applied Sciences Cologne, July 2005 (available in German)


Colin Dixon, CWSecurity Professionals, User Groups, How information risk management underpins good corporate governance, Monday 1st August 2005


SIZ Sicherer IT-Betrieb, Framework for security of the German Savings Banks Organization, 2006


Schutzprofil SIZ-PP, Schutzprofil Sicherheit für IT-Gesamtsysteme der Finanzdienstleister, SIZ-GmbH, Bonn, 1998/99/2000


Sarbanes-Oxley Act of 2002, H.R. 3763, An Act to protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws, and for other purposes, 23 January 2002

WG-Deliverable 1

ENISA ad hoc working group on risk assessment and risk management, Inventory of risk assessment and risk management methods, Deliverable 1, Final version, Version 1.0, 2006

WG-Deliverable 2

ENISA ad hoc working group on risk assessment and risk management, Risk Assessment and Risk Management Methods: Information Packages for Small and Medium Sized Enterprises (SMEs) Deliverable 2, Final version, Version 1.0, 2006

WG-Deliverable 3

ENISA ad hoc working group on risk assessment and risk management, Road map, Deliverable 3, Final version, Version 1.0, 2006

