1 Appendix B Initial Briefing Template. 2 Site X Vulnerability Assessment (VA) Presenter name Presenter organization Presenter phone Presenter phone/email.

Slides:

Advertisements

Similar presentations

Project management Information systems for management1 Project Management.

Advertisements

Individul Project: NPD-NET Component 4: Integration and Regional Adaptation of NPD Roadmap Kick-off meeting Region of Central Macedonia – URENIO Research.

S3-1 © 2001 Carnegie Mellon University OCTAVE SM Process 3 Identify Staff Knowledge Software Engineering Institute Carnegie Mellon University Pittsburgh,

US Department of Energy Smart Grid Computational Tool (SGCT) Overview Note: View presentation in Slide Show mode for best results

© 2001 by Carnegie Mellon University PPA-1 OCTAVE SM : Participants Briefing Software Engineering Institute Carnegie Mellon University Pittsburgh, PA

Overview of Key Rule Features

Project Management Outline of Chapters 1-6. Chapter 1 – Project Management Concepts Definition of a project and its attributes Key constraints within.

S5-1 © 2001 Carnegie Mellon University OCTAVE SM Process 5 Identify Key Components Software Engineering Institute Carnegie Mellon University Pittsburgh,

By: Ashwin Vignesh Madhu

Chapter 3 Preparing and Evaluating a Research Plan Gay and Airasian

Business Transformation Health Check

Development plan and quality plan for your Project

RESEARCH METHODOLOGY CHAPTER 3. Components of a research methodology 3.1 Introduction 3.2 Research instruments 3.3 Respondents 3.4 Research procedure.

Effective Methods for Software and Systems Integration

Initiating and Planning Systems Development projects

November 17, Critical Risk Identification System (CRIS) United States Department of Agriculture Office of Homeland Security & Emergency Coordination.

PLAN YOUR WORK AND WORK YOUR PLAN Bill Davis’s six project and time management tips.

May 12 th Monitoring and Project Control. Objectives Anticipated Outcomes Express why Monitoring and Controlling are Important. Differentiate between.

OSF/ISD Project Portfolio Management Framework January 17, 2011.

1 Introduction to Security Chapter 5 Risk Management: The Foundation of Private Security.

© 2001 by Carnegie Mellon University PSM-1 OCTAVE SM : Senior Management Briefing Software Engineering Institute Carnegie Mellon University Pittsburgh,

CAIRA is a quantitative vulnerability assessment tool for examining the physical security of energy systems (electrical, natural gas, steam and water)

Process for Analysis  Choose a standard / type  Qualitative / Quantitative Or  Formal / Informal  Select access controls  Match outcome to project.

Project Management Skills & Tools Michelle Sced Research Development Coordinator Division Research Skills Day – 9 March 2007.

Satzinger Chp. 2 Part Part 4 of 4 2 Object-Oriented Analysis and Design with the Unified Process Testing Testing is critical discipline Testing activities.

Slide 1 Using Models Introduced in ISA-d Standard: Security of Industrial Automation and Control Systems (IACS) Rahul Bhojani ISA SP99 WG4 Meeting.

EDS Incident Command System Tabletop Exercise [Exercise Location] [Exercise Date] [Insert Logo Here]

Project design & Planning The Logical Framework Approach An Over View Icelandic International Development Agency (ICEIDA) Iceland United Nations University.

Preparing for the Launch Mohammed El- Affendi. Launch Major Tasks  The Launch is performed according to script “LAU1”, table 3.1 in the book (page 39),

Certification and Accreditation CS Phase-1: Definition Atif Sultanuddin Raja Chawat Raja Chawat.

Switch off your Mobiles Phones or Change Profile to Silent Mode.

Starting the Planning Process & Assessing Needs HSC 489.

Dr. Benjamin Khoo New York Institute of Technology School of Management.

PP 650: Public Policy Analysis Unit One Seminar Kris R. Foote, J.D., M.P.A., M.S.W. Kaplan University.

Lecture 7. The Questions: What is the role of alternative assessment in language learning? What are the Reasons.

Design Proposal A document prepared to (a) justify the need for the project, (b) describe the engineering process to be taken, (c) outline the expected.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Gathering Network Requirements Designing and Supporting Computer Networks – Chapter.

Presents The NetBotz Homeland Security Solution A Texas Company Protecting Texans.

Component 8 Installation and Maintenance of Health IT Systems Unit 4 Structured Systems Analysis and Design This material was developed by Duke University,

23 July 2003 PM-ITTS TSMOTSMO Information Assessment Test Tool (IATT) for IO/IW Briefing by: Darrell L Quarles Program Director U.S. Army Threat Systems.

Initiation and Planning for Success Sridhar Seshagiri Rao, PMP Innova Solutions Inc. Santa Clara, CA. April 9 th 2004.

McGraw-Hill/Irwin © 2013 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 11 Computer Crime and Information Technology Security.

SCS TNCore Rollout 2013 Study Group #4 Using Assessing and Advancing Questions to Arrive At Essential Understandings: Part 2- Asking Advancing Questions.

The Goal: To Climb Above The Competition Copyright 2005: I Lead Projects, L.L.C. Course Description Project Process Workplates Project Process Workplates.

Internal Auditing ISO 9001:2015

INTEGRAL SYSTEM OR SIMPLE COMBINATION

Risk Assessment What is good about the Microsoft approach to threat modeling? What is bad about it? OCTAVE…  Advantage: ___________  Disadvantage: ___________.

Quad Chart – Format Photograph or artist’s concept of the project end- item. Ideally, this will convey the main idea of the final capability/use of the.

Unit: 111 Unit 11 Rapid Assessment. Unit: 112 Introduction and Overview l Instructor introduction l Session objectives: –Understand the concept of rapid.

Switch off your Mobiles Phones or Change Profile to Silent Mode.

SwCDR (Peer) Review 1 UCB MAVEN Particles and Fields Flight Software Critical Design Review Peter R. Harvey.

INMM Nuclear Security and Physical Protection Technical Division.

The Physical Security in UTM NAWAF OMAR MAN Prof Hafiza Abas.

Physical Security at Data Center: A survey. Objective of the Survey  1. To identify the current physical security in data centre.  2.To analyse the.

Headquarters U.S. Air Force

Figure 3: TSN Analysis Methodology

Business System Development

Project Implementation Plan

CPMGT 300 Competitive Success/snaptutorial.com

CPMGT 300 STUDY Lessons in Excellence--cpmgt300study.com.

CPMGT 300 Education for Service/snaptutorial.com.

PM 584 Education for Service/snaptutorial.com

CPMGT 300 Teaching Effectively-- snaptutorial.com.

USAID/Peru Risk Assessment In-Briefing

SE Tasks for a Concept Development Project

TERRORIST PROTECTION PLANNING USING A RELATIVE RISK REDUCTION APPROACH

1 Stadium Company Network. The Stadium Company Project Is a sports facility management company that manages a stadium. Stadium Company needs to upgrade.

CHAPTER 9 (part a) BASIC INFORMATION SYSTEMS CONCEPTS

Project Management Training

Process Wind Tunnel for Improving Business Processes

Presentation transcript:

1 Appendix B Initial Briefing Template

2 Site X Vulnerability Assessment (VA) Presenter name Presenter organization Presenter phone Presenter phone/

3 Overview Purpose Scope Assumptions VA Methodology Schedule Questions

4 Purpose & Scope Complete a VA of Site X Evaluate the PPS as required by Establish baseline performance of the system and propose functional upgrades if not effective

5 Assumptions/Limitations (examples) Uses previously defined threats and assets Risk level must be less than Considers installed system, not planned upgrades Limited time for VA—5 days

6 Defined Threat Describe threat spectrum or single defined threat. For example: LevelTacticWeapons/EquipmentNumber LowTheftUnarmed, Hand Tools1-2, no insider MediumSabotagehandguns, Hand & Power Tools 2-4, possible insider HighSabotageArmed, Hand/Power Tools, Thermal tools, Explosive Charges 3-5, possible insider

7 Assets List assets that are targets of VA: Target 1 Target 2 etc

8 VA Methodology

9 Concepts Defined protection objectives Performance-based Evaluate PPS Detection Delay Response Analyze integrated system, not individual components

10 Benefits of Performance-based Assessments Based on performance, not mere presence, of components Clearly shows effects of vulnerabilities Links solutions to effectiveness Better risk management and resource utilization

11 Protection Principles Detection before delay Alarm assessment ends detection Balanced protection Protection-in-depth Immediate response required for critical assets

12 Relationship of PPS Functions Begin Action Task Complete First Alarm Detect Respond T 0A T C TT I Time Alarm Assessed Adversary Interrupted Adversary Task Time PPS Time Required Delay

13 Analysis Qualitative or quantitative analysis Performance measure Interruption, neutralization, system effectiveness, risk Tools used Data collection Tests Path analysis Scenario analysis

14 VA Schedule Day 1 Initial briefing Facility tour Workspace setup Day 2 Collect necessary maps & drawings Data collection—sensors, video system Day 3 Data collection—entry control and AC&D Begin analysis

15 VA Schedule Day 4 Data collection—delay and response Finish analysis Prepare briefing Day 5 Brief results Depart site

16 Questions/Discussion ???