[dssa] Risk management methods
hi all,
we had a conversation about identifying methodologies that we could use to
structure our "analysis" work on todays call. i was too busy talking to notice
the incredibly productive chat session that was going on until later in the
day, but i've started another mind-map using the stuff that you all posted
there.
i'm including a one-page view of what we have so far in this note -- a really
great start. and i've built another wiki page where revised versions of this
work will go. here's a link to the new page;
https://community.icann.org/display/AW/Risk+management+framework
we blasted this out in about 10 minutes -- so i would encourage all of you to
take a look at what we have so far and suggest additional possibilities.
a personal observation -- most of these standards are behind pay-walls. which
is fine, that's how they get built and maintained. but we need a way to get
access to the standards for our group. i'm really REALLY interested in getting
to the details of how we do the analysis and we need to be able to access the
"real" standards (rather than the advertisements for them) in order to do this.
several ideas come to mind.
- we could buy them all (they're not that expensive -- $US 100-500 seems to be
the range
- those of us who have licenses could brief the rest of us on a call as to what
the "analysis" workplan steps look like
- we could limit ourselves to the ones that are free (eg OCTAVE)
or something else. so let's have two conversations on this thread.
-- are there other standards/methodologies we should consider looking at for
ideas? if so, send a link or something
-- any ideas about how to extract the knowledge we need to build our workplan?
pretty neat stuff,
mikey
Attachment:
DSSA - Risk management methods - v1 - map only.pdf - - - - - - - - - phone 651-647-6109 fax 866-280-2356 web http://www.haven2.com handle OConnorStP (ID for public places like Twitter, Facebook, Google, etc.) |