IT Security at Microsoft Overview

Published 17 May 04 09:18 AM

Very, very cool doc.

From the document “Overview discussion on what the Microsoft Corporate Security group does to prevent malicious or unauthorized use of digital assets at Microsoft. This asset protection takes place through a formal risk management framework, risk management processes, and clear organizational roles and responsibilities. The basis of the approach is recognition that risk is an inherent part of any environment and that risk should be proactively managed. The principles and techniques described can be employed to manage risk at any organization. Other areas of corporate security, such as security in software design and physical security, are not covered.”

Available here.

InternetNews carries some commentary on the paper.

by michael_HOWARD
Filed under:

Comments

# Nick Parker said on May 18, 2004 10:57 AM:
This is very helpful, I often wondered "...How would Microsoft do it?..."
# システム管理な雑記 -- Sleeve notes of a sysadmin -- said on May 23, 2004 7:22 PM:
[Docs] ???????????????
# システム管理な雑記 -- Sleeve notes of a sysadmin -- said on May 23, 2004 7:41 PM:
[Docs] ???????????????
New Comments to this post are disabled
Page view tracker