Security consultant Norman describes a risk analysis process that he believes fits the requirements of every methodology approved by the US Department of Homeland Security and takes into
account all of the requirements of every major risk analysis methodology. The approach also created budgets that are prioritized by relative effectiveness and relative risk. Twenty chapters
address Department of Homeland Security-approved risk analysis methods, risk analysis skills and tools, critical thinking and the risk analysis process, asset characterization and
identification, criticality and consequence analysis, threat analysis, assessing vulnerability, estimating probability, the risk analysis process, prioritizing risk, security policy and
countermeasure goals, developing effective security policies, countermeasure goals and strategies, types of countermeasures, countermeasure selection and budgeting tools, security effectiveness
metrics, cost-effectiveness metrics, and writing effective reports. Annotation 穢2010 Book News, Inc., Portland, OR (booknews.com)
