EUIST

EUIST

Just another ComMetrics – social media monitoring, best metrics, marketing metrics weblog

Guideline that makes a difference – risk management – EBIOS – Expression des Besoins et Identification des Objectifs de Sécurité

April 23rd, 2007 · No Comments ·

Translated EBIOS stands for

– expressing needs and identifying security objectives

EBIOS was published in 1995 by DCSSI (Direction Centrale de la Sécurité des Systèmes d’Information) a French government agency that continues to maintain and improve the method. It also includes software that can be used to systematize working with the method.

EBIOS’ main objective is to allow an organization, including public agencies, to determine the security actions that should be undertaken to better manage risks and the security and confidentiality of information assets and data.

The method addresses these issues:

_Risk Identification_
Step 3 of EBIOS method: 3.1 Study of threat sources.
Step 4 of EBIOS method: Identification of security objectives

_Risk Analysis_
Step 3 of EBIOS method: 3.2 Study of vulnerabilities

_Risk evaluation_
Step 3 of EBIOS method: 3.3 Formalization of threats

OTHER PHASES

_Context Study_
Step 1 of EBIOS method : Identify target system, general information, context of use, determine entities

_Expression of security needs_
Step 2 of EBIOS method: risk estimation and definition of risk criteria

Get more information here:

EBIOS – – Expression des Besoins et Identification des Objectifs de Sécurité (click on link – Login as Guest – click on this link again and you get the inside brief)

The above provides more detail about the method including links to French and German versions, you can also download the English version here:
EBIOS – expressing needs and identifying security objectives – (complete set of materials in English
_PS._

Sometimes the term EBIOS describes: Extended Basic Input/Output System but in our context EBIOS means either Expression des Besoins et Identification des Objectifs de Sécurité or ‘expressing needs and identifying security objectives’



|

→ No CommentsTags: 05_en · confidence · demarche · ebiosv2 · gouv · methods · secretariat · section2