Full title: SPRINT: Risk analysis for information systems
Overview: This guide describes the ESF’s SPRINT (Simplified Process for Risk Identification) risk analysis methodology, the thinking behind it and how to apply it. SPRINT reflects growing demand for tools to help business managers examine the security of their information systems in a structured manner. It focuses on systems that are rated ‘Important but not critical’. The guide contains worked examples of the SPRINT process and a supply of the materials needed to conduct SPRINT assignments.
Published by: European Security Forum (ESF)
Date published: January 1997
Status: Available to IFS Members
Citicus role: A founder of Citicus contributed to the development of SPRINT for and on behalf of the ESF and was the principal author of this guide.