Help:Contents: Difference between revisions

From HORSE - Holistic Operational Readiness Security Evaluation.
Jump to navigation Jump to search
No edit summary
 
(30 intermediate revisions by 4 users not shown)
Line 1: Line 1:
Consult the [http://meta.wikipedia.org/wiki/MediaWiki_User's_Guide User's Guide] for information on using the wiki software.
<br>
== Getting started ==
* [http://www.mediawiki.org/wiki/Help:Configuration_settings Configuration settings list]
* [http://www.mediawiki.org/wiki/Help:FAQ MediaWiki FAQ]
* [http://mail.wikipedia.org/mailman/listinfo/mediawiki-announce MediaWiki release mailing list]
----
* [[Text formatting help]].<br>
* [[Table formatting help]].<br>
* [http://diberri.dyndns.org/wikipedia/html2wiki/index.html HTML to Wiki conversion.]<br>
* [http://newped2.auckland.ac.nz/exe/exe/timeline/form.html Timeline plotting.]
----
[[Image:greenlock.jpg]] The status of this control objective is acceptable.
[[Image:greenlock.jpg]] The status of this control objective is acceptable.


[[Image:yellowlock.jpg]] The status of this control objective requires additional attention.
[[Image:yellowlock.jpg]] The status of this control objective requires additional attention.
[[Image:bluelock.jpg]] The status of this control objective has been remediated.


[[Image:redlock.jpg]] The status of this control objective is not acceptable and requires remediation.
[[Image:redlock.jpg]] The status of this control objective is not acceptable and requires remediation.
----
----
<br>
<br>
Consult the [http://meta.wikipedia.org/wiki/MediaWiki_User%27s_Guide User's Guide] for information on using the wiki software.
[[Image:low-risk.jpg]] The risk potential condition is low. Use this image to provide a visual indication.<br>
<br>
[[Image:medium-risk.jpg]] The risk potential condition is medium. Use this image to provide a visual indication.<br>
<br>
<br>
== Getting started ==
[[Image:high-risk.jpg]] The risk potential condition is high. Use this image to provide a visual indication.<br>
 
* [http://www.mediawiki.org/wiki/Help:Configuration_settings Configuration settings list]
* [http://www.mediawiki.org/wiki/Help:FAQ MediaWiki FAQ]
* [http://mail.wikipedia.org/mailman/listinfo/mediawiki-announce MediaWiki release mailing list]
<br>
<br>
----
----
<br>
<br>
[[Image:key-control.jpg]] Use this icon to visually illustrate what would be considered a key control.<br>
<br>
----
'''A brief explanation of industry or legislative control requirments can be found through the links below.'''
'''A brief explanation of industry or legislative control requirments can be found through the links below.'''


[http://www.sec.gov/divisions/corpfin/faqs/soxact2002.htm '''Sarbanes-Oxley''']<br>
[http://www.isaca.org/ '''COBIT''']<br>
[http://cpcaf.aicpa.org/Resources/Sarbanes+Oxley/Summary+of+the+Provisions+of+the+Sarbanes-Oxley+Act+of+2002.htm '''Sarbanes-Oxley''']<br>
[http://aspe.hhs.gov/admnsimp/pl104191.htm '''HIPAA''']<br>
[http://aspe.hhs.gov/admnsimp/pl104191.htm '''HIPAA''']<br>
[http://www.ftc.gov/privacy/glbact/glbsub1.htm '''GLBA''']<br>
[http://www.ftc.gov/privacy/privacyinitiatives/glbact.html '''GLBA''']<br>
[http://usa.visa.com/business/accepting_visa/ops_risk_management/cisp.html '''PCI''']<br>
[http://usa.visa.com/business/accepting_visa/ops_risk_management/cisp.html '''PCI''']<br>
[http://csrc.nist.gov/sec-cert/ '''FISMA''']<br>
[http://csrc.nist.gov/sec-cert/ '''FISMA''']<br>
[http://csrc.nist.gov/publications/nistpubs/index.html '''NIST SP 800-66''']<br>
[http://csrc.nist.gov/publications/nistpubs/800-66/SP800-66.pdf '''NIST SP 800-66''']<br>
[http://iase.disa.mil/ditscap/index.html '''Ditscap''']<br>
[http://iase.disa.mil/ditscap/index.html '''Ditscap''']<br>
[http://doi.ppr.ky.gov/kentucky '''DOI''']<br>
[http://www.ffiec.gov/ '''FFIEC''']<br>
'''Control Exception:''' If a control condition exists that is exempt from testing, documentation should be available.<br>
'''Control Exception:''' If a control condition exists that is exempt from testing, documentation should be available.<br>
'''User Defined:''' Any control that is truly unique to the enterprise should be noted accordingly.<br>
'''User Defined:''' Any control that is truly unique to the enterprise should be noted accordingly.<br>
<br>
<br>
----
----
===Examples===
[[File:Very simple sequence.png]]
[[File:Usecase_img07.png]]
[[File:Classes10.png]]
==== Example1 ====
<nowiki><uml>
Alice -> Bob: Authentication Request
Bob --> Alice: Authentication Response
</uml>
</nowiki>
==== Example2 ====
<nowiki><uml>
skinparam usecaseBackgroundColor DarkSeaGreen
skinparam usecaseArrowColor Olive
skinparam actorBorderColor black
skinparam usecaseBorderColor DarkSlateGray
skinparam usecaseActorFontName Courier
User << Human >>
:Main Database: as MySql << Application >>
(Start) << One Shot >>
(Use the application) as (Use) << Main >>
User -> (Start)
User --> (Use)
MySql --> (Use)
</uml></nowiki>
==== Example3 ====
<nowiki><uml>
package "Classic Collections" #DDDDDD
Object <|-- ArrayList
package net.sourceforge.plantuml
Object <|-- Demo1
Demo1 *- Demo2
</uml></nowiki>

Latest revision as of 18:11, 21 August 2012

Consult the User's Guide for information on using the wiki software.

Getting started



File:Greenlock.jpg The status of this control objective is acceptable.

File:Yellowlock.jpg The status of this control objective requires additional attention.

File:Bluelock.jpg The status of this control objective has been remediated.

File:Redlock.jpg The status of this control objective is not acceptable and requires remediation.



The risk potential condition is low. Use this image to provide a visual indication.

The risk potential condition is medium. Use this image to provide a visual indication.

The risk potential condition is high. Use this image to provide a visual indication.



Use this icon to visually illustrate what would be considered a key control.


A brief explanation of industry or legislative control requirments can be found through the links below.

COBIT
Sarbanes-Oxley
HIPAA
GLBA
PCI
FISMA
NIST SP 800-66
Ditscap
DOI
FFIEC
Control Exception: If a control condition exists that is exempt from testing, documentation should be available.
User Defined: Any control that is truly unique to the enterprise should be noted accordingly.


Examples

Example1

<uml>
Alice -> Bob: Authentication Request
Bob --> Alice: Authentication Response
</uml>

Example2

<uml>
skinparam usecaseBackgroundColor DarkSeaGreen
skinparam usecaseArrowColor Olive
skinparam actorBorderColor black
skinparam usecaseBorderColor DarkSlateGray
skinparam usecaseActorFontName Courier

User << Human >>
:Main Database: as MySql << Application >>
(Start) << One Shot >>
(Use the application) as (Use) << Main >>

User -> (Start)
User --> (Use)
MySql --> (Use)
</uml>

Example3

<uml>
package "Classic Collections" #DDDDDD
Object <|-- ArrayList

package net.sourceforge.plantuml
Object <|-- Demo1
Demo1 *- Demo2
</uml>