This is a lightweight Risk Impact Calculator tool that starts with a total picture of revenue or organizational budget or portfolio, and delves into up to ten separate risks. The scoring methodology is calculated based on what are hopefully common sense questions, and then matrixed against the total organizational figures to maintain consistency of scoring despite organization size. This tool is a work in progress and feedback is always welcome via the Contacts page on this site. NOTE: Risk Likelihood does not yet exist in this calculator and is under development. (Coming soon!)
This work is free to use for any purpose and is licensed under the Creative Commons Attribution-NoDerivatives 4.0 International License.
Current version is BETA v1.3
This is a lightweight Business Impact Analysis tool that starts with a business process or asset, and then focuses on the information technology that supports that process or asset. The outage of the business process or loss of asset is what is being assessed, and such factors as brand damage are taken into account. The idea is to weigh each process or asset using this calculator and to tally scores. NOTE: the math behind the points systems WILL need to be tweaked depending upon the size and type of your business. Brand damage may be more significant to your organization than the weighted points I allocate by default. Additionally, revenue-related numbers might need to be adjusted. Once tweaking is complete, using this calculator consistently will generate consistent scores. Those scores can be used to determine your highest priority business processes for Disaster Recovery, Business Continuity, Risk Management, etc.
This work is free to use for any purpose and is licensed under the Creative Commons Attribution-NoDerivatives 4.0 International License.
Current version is v1.4
This four-year plan assumes you are in a hypothetical state, starting with zero security controls in place. It assumes your goal is to fulfill the NIST CSF v1.1 framework, with an eventual goal of achieving ISO 27001:2013 compliance. To get you there, it starts you with the CIS CSC 20 v7 controls.
This work is free to use for any purpose and is licensed under the Creative Commons Attribution-NoDerivatives 4.0 International License.
This is very much a work in progress, and may contain inaccuracies.
Current version is DRAFT v0.4
This document is aimed at new developers and veteran developers who want to better understand secure coding principles and practices. Example configurations and code snippets (.NET) are included, as well as pointers to a variety of security tools.
As with any document that contains code snippets and configuration detail, deprecation is a risk. Such details in this document were current as of 2017 and will be revised periodically.
This work is free to use for any purpose and is licensed under the Creative Commons Attribution-NoDerivatives 4.0 International License.
Current version is v3.5
Copyright © 2019-2022 Allan Alford Consulting - All Rights Reserved.
This website uses cookies. By continuing to use this site, you accept our use of cookies.