An Agile IT Security Model for Project Risk Assessment
There are two fundamental challenges in effectively performing security risk assessment in today's IT projects. The first is the project manager's need to know what IT security risks face the project before the project begins. At this stage IT security staff is unable to answer this question without first knowing the system requirements for the project which are yet to be defined. Second organisations that deal with a large project throughput each year find the current IT security risk assessment process to be tedious and expensive, especially when the same process has to be repeated for each individual project.