1

Selection

2

aspect

See “Safeguards / Aspect”.

3

top

See “Safeguards / Type of protection”.

4

recommendation

It is a rank in the range [null .. 10], estimated by PILAR considering the assets, the security dimensions, and the level of risk addressed by this safeguard.

The cell is grey if PILAR finds no reason to recommend this safeguard. That is, PILAR does not know which risk this safeguard is good for.

(o) - PILAR thinks it is an overkill (“too much”).

(u) - PILAR thinks it is an under-kill (“not enough”).

Right-click to open a new window with a summary of the rational for the recommendation; that is, the assets and dimensions to which the safeguard will apply.

5

traffic light

See “Safeguards / Reference and target phases” below.

6

Safeguards tree.

You double click to collapse / expand the tree.

You may right-click to access to “Safeguards / tree”.

7

doubts

Click to mark / unmark the row. The mark is typically used to remember that there are issues waiting for an answer.

The mark “floats” to the top level to highlight the problem.

8

sources

Click to associate information sources to the safeguard and its children.

9

applicability

All safeguards apply by default. Nevertheless, you may mark safeguards as not applicable. It implies that PILAR will ignore them.

Ignoring safeguards is somehow risky in the sense that you may inhibit PILAR from working with measures that are useful.

Non-applicability shall be justified, and the reason recorded as a comment.

10

comment

Click to associate comments to the safeguard.

…

Project phases.

See “Safeguards / Maturity valuation” below.

clear

remove all applicability marks

recommendation

follows recommendation; that is all safeguards that are not recommended are marked as n.a.

only if …

retains only safeguads mapped from one or more security profiles

n.a.

mark every safeguard as n.a.

push down values

applicability is copied to other security domains under current one

copy

applicability values are copied from security domain above