The paper contains an introduction and two sections. The first section will discuss how to set up a risk assessment and security evaluation program suitable for Financial Institutions. The discussion will include development of the standards, methods, processes and procedures identified for risk assessment, security planning and reviews. The second section will briefly illustrate these concepts by evaluating two fictional MS-SQL Server applications. One application will contain mission critical business data for internal use only and available only on the “trusted” network. The other MS-SQL application will be a Web-based Internet site run by a Service Provider. The methodology discussed can be included during systems development and used to gain approval of review tools and techniques after the move into production.
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
