Ernie Hayden, MIPM, CISSP, CEH, GICSP(Gold), PSP

Critical Infrastructure Risk Assessment


Скачать книгу

rel="nofollow" href="#ulink_b40b38c0-e2e0-572d-868e-f231e8d6724d">4.6 Hold the Initial Team Meeting

       4.7 Client Kick Off Call

       4.8 Data Requests to Client

       4.9 Packing & Travel Planning

       4.10 Devising the Work Plan

       4.10.1 Example Site Risk Assessment Visit Plan

       4.10.2 Preparing Your Steno Pad

       4.10.3 Pre-Checking Control System Assets for Vulnerabilities

       4.11 Excited to Start the Assessment

       REFERENCES

       Chapter 5 The Power of the Observation

       In this chapter you will discover:

       5.1 An Introduction to the History of Observations

       5.2 Just What is an “Observation?”

       5.3 Observation Format

       5.4 Critical Thinking

       5.4.1 Asking “Why?”

       5.4.2 Communicating Your Observations

       5.4.3 Raising Issues

       5.5 Unintended Influence of the Observation on Performance of Work

       5.6 Writing the Observation

       5.7 The Power of the Observation

       REFERENCES

       Chapter 6 On Site

       In this chapter you will discover:

       6.1 On Site Arrival — Entrance Meeting

       6.2 Example Site Schedule and Activities

       6.3 Conducting Interviews

       6.4 Photographs

       6.5 Site Facility Inspections

       6.5.1 Tools of the Inspection Trade

       6.5.2 Inspection Data Collection

       6.5.3 Tour Planning

       6.5.4 “Working a Room”

       6.6 Technical Reviews

       6.7 Daily Team Meetings

       6.8 Development of Strengths & Weaknesses

       6.9 Site Exit Meeting

       Questions to Consider

       REFERENCES

       Chapter 7 The Final Report

       In this chapter you will discover:

       7.1 Back in the Home Office — Compiling the Information

       7.2 Important Terms of Art

       7.2.1 Weakness

       7.2.2 Strengths

       7.2.3 Findings

       7.2.4 Informational Observations

       7.2.5 Good Practice

       7.2.6 More About Findings

       7.3 Identifying the Risk Level of Findings

       7.3.1 Impact

       7.3.2 Probability or Likelihood

       7.3.3 Risk Assessment Matrix Development

       7.4 Preparing the Draft Report

       7.5 Report Review Process