I've just finished giving a presentation at the ISC2 2021 Security Congress and several people asked for a copy of the slides.
I hope they are useful. Please feel free to use them and adapt them. I would appreciate if if you reference www.juliantalbot.com but my main mission is to get some useful tools out into the world where they can be applied.
You can find some more templates and the like under the DOWNLOADS menu above as well as at www.srmam.com. The Security Risk Management Aide-Mémoire (SRMAM) is a short book which updates a number of the models from the Security Risk Management Body Of Knowledge (SRMBOK).
Existing Controls & Other Downloads
Someone asked about the difference between inherent, current, and residual risk during the question and answer session at the end. You can download several dozen images and templates for free from the SRMAM website via the Resources menu, but here is the one that illustrates inherent versus residual risk.
The ESRA Spreadsheet
Below is a version of an enterprise security risk assessment spreadsheet I used before we created SECTARA. The spreadsheet is a bit redundant now but it's still a good system with some useful formula if you'd like something to start with. The latest version of the spreadsheet is more complicated with a number of extra tabs but probably more than you might need.
SECTARA
I also mentioned that you can get a free version of SECTARA. There are paid subscriptions but our intention is to make sure that people who need it but can't afford it, will still be able to access it. We need to make a living of course, but improving the quality of risk management in the world is a core goal for all of us on the SECTARA team. Hence, the always free and fully functioning version. Enjoy. And if you're an NGO or charity that needs more users or assessments than the free version allows, please drop us a line.
Thank you to everyone who attended the presentation. I hope it was helpful. If you missed it, at least you can download the presentation to get an idea of the content.
SRMBOK
Last but not least, if you'd like to contribute to the next edition of SRMBOK, please register via this link. I promise not to send too many emails. I'm too busy with other projects to spam you but I will keep you updated when the exposure draft is ready.
You can find a few more of my books at this link and we are working on some and several people asked for a copy of thelides.
MORE TEMPLATES TO DOWNLOAD
You can find a number or other useful templates and presentations under the Downloads menu. Enjoy.
Comments