Business Impact template

From OWASP
Revision as of 00:01, 13 February 2008 by Jeff Williams (Talk | contribs)

Jump to: navigation, search

Every Business Impact should follow this template.

Description

A business impact is the damage that results from a successful security breach. This should be the highest level impact to the business, not a glorified technical impact.

  1. Start with a one-sentence description of the business impact
  2. Describe the damage done to the business - money, loss of life, reputation, loss of customers, compliance, legal exposure
  3. Is the damage immediate or spread over a time period?


Risk Factors

  • Talk about the factors that govern this business impact
  • Try to be clear about the factors that make this impact serious


Examples

Short example name
One paragraph example description with links
Short example name
One paragraph example description with links


Related Technical Impacts


References


When the article is reviewed, the "Honeycomb" category can be removed and replaced with the "ASDR" category [[Category:OWASP Honeycomb Project]] [[Category:OWASP ASDR Project]]