One of them is a combination technique using ISO 27005 and NIST SP 800-30 revision 1. Previous research proved that the combination technique could be implemented in a non-profit organization (government). However, the detailed risk assessment steps are not explained clearly yet. Thus, raising ...
Drawing on international best practice, including ISO/IEC 27005, NIST SP800-30 and BS7799-3, the book explains in practical detail how to carry out an info... A Calder,A Salder,S Watkins 被引量: 11发表: 2010年 Information security assessment of power systems based on SEE-CMM This paper...