Help:Contents: Difference between revisions

From HORSE - Holistic Operational Readiness Security Evaluation.
Jump to navigation Jump to search
No edit summary
 
 
(36 intermediate revisions by 4 users not shown)
Line 1: Line 1:
[[Image:greenlock.jpg]]
Consult the [http://meta.wikipedia.org/wiki/MediaWiki_User's_Guide User's Guide] for information on using the wiki software.
<br>
== Getting started ==
* [http://www.mediawiki.org/wiki/Help:Configuration_settings Configuration settings list]
* [http://www.mediawiki.org/wiki/Help:FAQ MediaWiki FAQ]
* [http://mail.wikipedia.org/mailman/listinfo/mediawiki-announce MediaWiki release mailing list]
----
* [[Text formatting help]].<br>
* [[Table formatting help]].<br>
* [http://diberri.dyndns.org/wikipedia/html2wiki/index.html HTML to Wiki conversion.]<br>
* [http://newped2.auckland.ac.nz/exe/exe/timeline/form.html Timeline plotting.]
----
[[Image:greenlock.jpg]] The status of this control objective is acceptable.


[[Image:yellowlock.jpg]]
[[Image:yellowlock.jpg]] The status of this control objective requires additional attention.


[[Image:redlock.jpg]]
[[Image:bluelock.jpg]] The status of this control objective has been remediated.
 
[[Image:redlock.jpg]] The status of this control objective is not acceptable and requires remediation.
----
<br>
[[Image:low-risk.jpg]] The risk potential condition is low. Use this image to provide a visual indication.<br>
<br>
[[Image:medium-risk.jpg]] The risk potential condition is medium. Use this image to provide a visual indication.<br>
<br>
[[Image:high-risk.jpg]] The risk potential condition is high. Use this image to provide a visual indication.<br>
<br>
----
<br>
[[Image:key-control.jpg]] Use this icon to visually illustrate what would be considered a key control.<br>
<br>
----
'''A brief explanation of industry or legislative control requirments can be found through the links below.'''
 
[http://www.isaca.org/ '''COBIT''']<br>
[http://cpcaf.aicpa.org/Resources/Sarbanes+Oxley/Summary+of+the+Provisions+of+the+Sarbanes-Oxley+Act+of+2002.htm '''Sarbanes-Oxley''']<br>
[http://aspe.hhs.gov/admnsimp/pl104191.htm '''HIPAA''']<br>
[http://www.ftc.gov/privacy/privacyinitiatives/glbact.html '''GLBA''']<br>
[http://usa.visa.com/business/accepting_visa/ops_risk_management/cisp.html '''PCI''']<br>
[http://csrc.nist.gov/sec-cert/ '''FISMA''']<br>
[http://csrc.nist.gov/publications/nistpubs/800-66/SP800-66.pdf '''NIST SP 800-66''']<br>
[http://iase.disa.mil/ditscap/index.html '''Ditscap''']<br>
[http://doi.ppr.ky.gov/kentucky '''DOI''']<br>
[http://www.ffiec.gov/ '''FFIEC''']<br>
'''Control Exception:''' If a control condition exists that is exempt from testing, documentation should be available.<br>
'''User Defined:''' Any control that is truly unique to the enterprise should be noted accordingly.<br>
<br>
----
 
===Examples===
[[File:Very simple sequence.png]]
[[File:Usecase_img07.png]]
[[File:Classes10.png]]
 
==== Example1 ====
<nowiki><uml>
Alice -> Bob: Authentication Request
Bob --> Alice: Authentication Response
</uml>
</nowiki>
 
==== Example2 ====
<nowiki><uml>
skinparam usecaseBackgroundColor DarkSeaGreen
skinparam usecaseArrowColor Olive
skinparam actorBorderColor black
skinparam usecaseBorderColor DarkSlateGray
skinparam usecaseActorFontName Courier
 
User << Human >>
:Main Database: as MySql << Application >>
(Start) << One Shot >>
(Use the application) as (Use) << Main >>
 
User -> (Start)
User --> (Use)
MySql --> (Use)
</uml></nowiki>
 
==== Example3 ====
<nowiki><uml>
package "Classic Collections" #DDDDDD
Object <|-- ArrayList
 
package net.sourceforge.plantuml
Object <|-- Demo1
Demo1 *- Demo2
</uml></nowiki>

Latest revision as of 18:11, 21 August 2012

Consult the User's Guide for information on using the wiki software.

Getting started



File:Greenlock.jpg The status of this control objective is acceptable.

File:Yellowlock.jpg The status of this control objective requires additional attention.

File:Bluelock.jpg The status of this control objective has been remediated.

File:Redlock.jpg The status of this control objective is not acceptable and requires remediation.



The risk potential condition is low. Use this image to provide a visual indication.

The risk potential condition is medium. Use this image to provide a visual indication.

The risk potential condition is high. Use this image to provide a visual indication.



Use this icon to visually illustrate what would be considered a key control.


A brief explanation of industry or legislative control requirments can be found through the links below.

COBIT
Sarbanes-Oxley
HIPAA
GLBA
PCI
FISMA
NIST SP 800-66
Ditscap
DOI
FFIEC
Control Exception: If a control condition exists that is exempt from testing, documentation should be available.
User Defined: Any control that is truly unique to the enterprise should be noted accordingly.


Examples

Example1

<uml>
Alice -> Bob: Authentication Request
Bob --> Alice: Authentication Response
</uml>

Example2

<uml>
skinparam usecaseBackgroundColor DarkSeaGreen
skinparam usecaseArrowColor Olive
skinparam actorBorderColor black
skinparam usecaseBorderColor DarkSlateGray
skinparam usecaseActorFontName Courier

User << Human >>
:Main Database: as MySql << Application >>
(Start) << One Shot >>
(Use the application) as (Use) << Main >>

User -> (Start)
User --> (Use)
MySql --> (Use)
</uml>

Example3

<uml>
package "Classic Collections" #DDDDDD
Object <|-- ArrayList

package net.sourceforge.plantuml
Object <|-- Demo1
Demo1 *- Demo2
</uml>