I am looking for guidance on creating a matrix for a IT risk assessment.
I am using the methdology from NIST SP 800-30 and am looking for specific
line items to add to the matrix. Any help or pointers you can provide are
appreciated in advance. While looking for something complete I am not
looking for exhaustive (but can pare that down if need be).

Thanks in advance for any help,

firewall-wizards mailing list