The principle tool is the brain. Anything less than full use of the brain will not be complete. One must ask the question, "Risk of what?" Each organization has a difference risk tolerance and differing policies. Current tools are inadequate to completely address the specific risks to any organization. John
John G. Cronican, Jr. (CISSP) Director, Corporate Security Peregrine Systems, Inc. 3611 Valley Centre Drive San Diego, CA 92130 (858) 794-7550 (voice) (858) 481-1751 (fax) [EMAIL PROTECTED] www.peregrine.com -----Original Message----- From: Bilge KARABACAK [mailto:[EMAIL PROTECTED]] Sent: Saturday, January 26, 2002 10:00 AM To: [EMAIL PROTECTED] Subject: Risk Analysis and Management Tool Hi all, We are planning to use a security risk analysis and management tool to ease and somewhat automate our risk analysis and management process. BS 7799 or equivalent ISO 17799 compliancy is more than preferred. Which security risk analysis and management tool do you suggest? Bilge Karabacak TUBITAK-UEKAE
