Security Assessment - TriParadigm: VLPAR - Virtual Logical Partition Automated Robot

	Site Guide \| Contact Us *Thinking inside the box...*
	Business Continuity / Disaster Recovery / High Availability Data Center Automation / Audit Assessment / Security Assessment


	Home About TriParadigm Triparadigm Officers Privacy Policies Affiliations Contact Us Fact Sheet News Press Releases Publications Events Solutions Business Continuity Planning Audit Response Audit Compliance Audit Readiness Security Assessment Enterprise Solutions Architecture & Design Integrated Automation Products VLPAR Orwell Disaster Recovery System P³ AMMS - Automated Microcode Management System P³ CMDB - Configuration Management Data Base P³ ADGS - Automated Document Generation System P³ ACMS - Automated Content Management System P³ APMS - Automated Patch Management System Product Demonstrations Services Business Continuity Planning and Implementation Disaster Recovery Planning and Implementation High Availability Planning and Implementation Virtualization Planning and Implementation Technical Project Planning and Implementation System Architecture Design and Integration Support Business Continuity Technical Support Disaster Recovery Technical Support High Availability Technical Support Virtualization Technical Support Microcode Technical Support Automated Documentation Technical Support vLPAR Technical Support Documentation Methdologies Articles Books Rules and Regulations Recommendations

Current Location

For general information:

For Press Information:

Become a Partner:

vLPAR^® Product Slide Show

vLPAR^® is a registered trademark of TriParadigm LLC


	Information Security Assessment Methodology INFOSEC Assessment Methodology (IAM) IAM is a detailed and systematic method for examining security vulnerabilities from an organizational perspective as opposed to a only a technical perspective. Often overlooked are the processes, procedures, documentation, and informal activities that directly impact an organization's overall security posture but that might not necessarily be technical in nature. NSA developed the IAM to give organizations a repeatable framework for conducting organizational types of assessments as well as provide assessment consumers appropriate information on what to look for in an assessment provider. The IAM is also intended to rase awareness of the need for organizational types of assessment versus the purely technical type of assessment. National Security Agency's IAM is a baseline measurement of the controls implemented to protect information that is transmitted, processed, or stored by a specific system. Simplified, this is a measurement of the security posture of a system or organization. Organizationl Information Criticality Matrix (OICM) The OICM is based on the customer decisions about the information types within their own organization that are critical for the completion of their mission and meeting organizational goals. System Information Criticality Defines those specific systems that process, transmit, or store the customers's critical information. These are the key information systems that have the greatest impact on the customer's operations. From a technical perspective, these are the systems that will be most focused on during any technical evaluations that occour in conjuction with the IAM assessment process. From a purely organizaitonal perspective, these are the systems that need the deepest scrutiny because the compromise or complete loss of these particular information systems would most likely have a distinct and often painful impact on the organization.

Security Assessment

Business Continuity Planning
Audit Response
Audit Compliance
Audit Readiness
Enterprise Solutions
Small Business Solutions
Architecture and Design
Integrated Automation
Business Continuity
Audit Assessment
Audit Evaluation
Red Team

Digg this page

Post to del.icio.us

Slashdot it!