Security profiles (EVL)Security profiles (EVL)\EVL – Additional measures

EVL – Additional measures

You may extend the collection of controls with additional ones. These new controls may consider additional safeguards to be applied for risk treatment. The new controls may be narrowed to be applicable to some asset classes and threats.

 

For the new control you may specify

code (mandatory)

a unique code to identify the new control

name

a short 1-line description

asset classes (optional)

zero or more asset classes; the new control will be applied only to risks involving an asset of any of the enumerated classes

threats (optional)

zero or more threats; the new control will be applied only to risks involving any of the enumerated threats

safeguards (optional)

zero or more safeguards from the catalogue (either PILAR or NIST); the new control may pull-up, push-down, or just compare its valuation with that of the enumerated safeguards

description

a longer description of the control

 

Top

Related topics

Security profiles (EVL)

Top