March 26, 2013 What is the goal behind calculating assets in ISO-27000? My friend and colleague Gary Hinson said about asset valuation in ISO-27000 So, for instance, it’s hard to say exactly how much the HR…
October 2, 2012 An “11th Domain” book. http://www.infosectoday.com/Articles/Persuasive_Security_Awareness_Program.htm Gary Hinson makes the point here that Rebecca Herrold makes elsewhere: Awareness training is important. I go slightly further and think that a…
August 3, 2009 Significant Impact Calculation in Business Risk My colleague Gary Hinson made the following observation on the ISO 27001 list in August: There are numerous assumptions and estimations in the risk…
October 21, 2006 The CISSP Forum FAQ Its one of those bootstrap problems – the new CISSPs who need to read the information can’t get at the FAQ on how to…
