Business Impact template

From OWASP
Revision as of 19:18, 18 February 2008 by Leocavallari (Talk | contribs)

Jump to: navigation, search

Every Business Impact should follow this template.

Description

A business impact is the damage that results from a successful security breach. This should be the highest level impact to the business, not a glorified technical impact.

  1. Start with a one-sentence description of the business impact
  2. Describe the damage done to the business - money, loss of life, reputation, loss of customers, compliance, legal exposure
  3. Is the damage immediate or spread over a time period?


Risk Factors

  • Talk about the factors that govern this business impact
  • Try to be clear about the factors that make this impact serious


Examples

Short example name

A short example description, small picture, or sample code with links

Short example name

A short example description, small picture, or sample code with links


Related Technical Impacts


References


When the article is reviewed, the "Honeycomb" category SHOULD be removed and replaced with the "ASDR" category [[Category:OWASP Honeycomb Project]] [[Category:OWASP ASDR Project]]