EAR / Tools BLANCA

BLANCA - Library Management

EAR uses libraries to provide standard knowledge on

• classes of assets
• typical threats
• standard safeguards
• standard items for policies
• standard procedures

altogether with the nowledge of how good is a safeguard against a threat (in order to make recommendations, and estimate a residual risk value).

The existence of a standard library has a number of benefits:

to the final user:

that may focus on his problem: to identify and valuate the assets, threats, and safeguards

to the reader of risk reports:

that uses a standard terminology, and may easily compare different risk analysis

to the aditor:

that reads the risk reports using a standard terminology

Library management tools are not intended for final users, and are not distributed regularly.