Confirmed users
502
edits
Security/Risk management: Difference between revisions
Automated sync from https://github.com/mozilla/wikimo_opsec
Gdestuynder (talk | contribs) m (link name) |
Gdestuynder (talk | contribs) (Automated sync from https://github.com/mozilla/wikimo_opsec) |
||
| Line 3: | Line 3: | ||
<td style="min-width: 25em;">__TOC__</td> | <td style="min-width: 25em;">__TOC__</td> | ||
<td style="vertical-align: top; padding-left: 1em;"> | <td style="vertical-align: top; padding-left: 1em;"> | ||
'''STATUS: READY''' | '''STATUS: <span style="background-color: #14892c; border-radius: .25em; color: #ffffff; display: inline-block; | ||
font-weight: bold; margin: .1em 0; min-width: 6em; padding: .05em .5em; text-transform: uppercase; text-align: | |||
center;">READY</span>''' | |||
The goal of this document is to help understanding how risk is handled by the Enterprise Information Security Team | The goal of this document is to help understanding how risk is handled by the Enterprise Information Security Team | ||
| Line 57: | Line 59: | ||
{| class="wikitable" | {| class="wikitable" | ||
|- | |- | ||
| <span style="padding: | | <span style="background-color: #cccccc; border-radius: .25em; color: #000000; display: inline-block; font-weight: bold; margin: .1em 0; min-width: 6em; padding: .05em .5em; text-transform: uppercase; text-align: center;">LOW</span> | ||
| Low is something we don't expect has impact, or is likely to happen. We don't expect much attention there. | | Low is something we don't expect has impact, or is likely to happen. We don't expect much attention there. | ||
|- | |- | ||
| <span style="padding: | | <span style="background-color: #4a6785; border-radius: .25em; color: #ffffff; display: inline-block; font-weight: bold; margin: .1em 0; min-width: 6em; padding: .05em .5em; text-transform: uppercase; text-align: center;">MEDIUM</span> | ||
| Medium is where some risk exists and should at least be acknowledged by service owners. Ideally, steps will be taken | | Medium is where some risk exists and should at least be acknowledged by service owners. Ideally, steps will be taken | ||
to remedy or mitigate the risk albeit some may instead accept this as residual risk. | to remedy or mitigate the risk albeit some may instead accept this as residual risk. | ||
|- | |- | ||
| <span style=" | | <span style="background-color: #ffd351; border-radius: .25em; color: #000000; display: inline-block; font-weight: bold; margin: .1em 0; min-width: 6em; padding: .05em .5em; text-transform: uppercase; text-align: center;">HIGH</span> | ||
| High means we have a problem that we have to fix. The risk is sufficiently important that we have to plan remediations | | High means we have a problem that we have to fix. The risk is sufficiently important that we have to plan remediations | ||
or mitigations soon. We do not expect high risk to be accepted as residual. | or mitigations soon. We do not expect high risk to be accepted as residual. | ||
|- | |- | ||
| <span style=" | | <span style="background-color: #d04437; border-radius: .25em; color: #ffffff; display: inline-block; font-weight: bold; margin: .1em 0; min-width: 6em; padding: .05em .5em; text-transform: uppercase; text-align: center;">MAXIMUM</span> | ||
| Maximum means we have a significant problem right now. All hands on deck may be required to remedy or mitigate the | | Maximum means we have a significant problem right now. All hands on deck may be required to remedy or mitigate the | ||
risk immediately. | risk immediately. | ||