Confirmed users
502
edits
Security/Risk management/Rapid Risk Assessment: Difference between revisions
Security/Risk management/Rapid Risk Assessment (view source)
Revision as of 20:42, 10 August 2016
, 10 August 2016Automated sync from https://github.com/mozilla/wikimo_content
Gdestuynder (talk | contribs) (Automated sync from https://github.com/mozilla/wikimo_opsec) |
Gdestuynder (talk | contribs) (Automated sync from https://github.com/mozilla/wikimo_content) |
||
| Line 351: | Line 351: | ||
* Tell the team that you'll follow up with a risk-record, thank them for their time and you're done! | * Tell the team that you'll follow up with a risk-record, thank them for their time and you're done! | ||
=== | === Post work (30 minutes) === | ||
Create a risk record for the service: https://mana.mozilla.org/wiki/display/SECURITY/Risk+Records | * Go back and re-read the rationale fields and the recommendations in the RRA which were filled in and expand on them to ensure they capture the important parts of the discussion and can be understood by a reader of the RRA without the context of the conversation. These fields often initially lack good detail because they're being recorded in real time while the RRA is being run and the conversation is in progress. | ||
* Create a risk record for the service: https://mana.mozilla.org/wiki/display/SECURITY/Risk+Records | |||
== Reference documents == | == Reference documents == | ||