oisru
oisru copied to clipboard
Repository for the Open Information Security Risk Universe
Created risk appetite section, updated the introduction section and added further references.
These updates clarify the language to improve the identification of the correct source and events: - Suppliers may not be 'compromised suppliers' in the event that they are the external...
Changed OSIRU to OISRU as I believe it's a misspelling.
Thought this example of [Intel having to publish their earning statement early (FT.com)](https://www.ft.com/content/b14742ed-c070-4d16-9696-96fe72ac04b8) because it had been leaked from their PR website was an interesting example of the Compliance/Strategic consequences...
I'm looking at some examples to articulate common risk scenarios and uses of OISRU. One common scenario is around the **service unavailability** _event_ that can, naturally, have many sources. For...
Does anyone see value in mapping the consequences on Risk Consequence page to FAIR's six forms of loss? Additional column? If so, I'd be willing to take a first pass...