EAR
>
tools
>
BLANCA
 |
 |
EAR / BLANCA
library management
|
EAR uses libraries to provide standard knowledge on
- classes of assets
- typical threats
- standard safeguards
- standard items for policies
- standard procedures
altogether with the nowledge of how good is a safeguard against a threat
(in order to make recommendations,
and estimate a residual risk value).
The existence of a standard library has a number of benefits:
- to the final user:
-
that may focus on his problem:
to identify and valuate the assets, threats, and safeguards
- to the reader of risk reports:
-
that uses a standard terminology, and may easily compare
different risk analysis
- to the aditor:
-
that reads the risk reports using a standard terminology
Library management tools are not intended for final users,
and are not distributed regularly.
