What is the format of the CSV file for the risk register in the Creative Commons PCI app?
Hey Justin
The format should be pretty straight forward. The structure of the file:
rpos (Risk Position, used for creating the top 10 risk categories) rdetail (The guts of the Risk entry within the register) rimpact - This is the Risk Impact on a scale of 1 (little impact) to 5 (heavy impact) rprob - This is Risk Probability or the likelyhood of the risk occuring, again 1 to 5 rval - This is the Risk Value, a multiple of rimpact and rprob.
Below is a head of the log file. I tend to store this as a monitored file in /var/log/srisk.
rpos,rdetail,rimpact,rprob,rval 1,"Legacy systems, unsupported software being highly vulnerable to attack",5,4,20
Hope that helps, enjoy the User Conference.
Pete
Hey Justin
The format should be pretty straight forward. The structure of the file:
rpos (Risk Position, used for creating the top 10 risk categories) rdetail (The guts of the Risk entry within the register) rimpact - This is the Risk Impact on a scale of 1 (little impact) to 5 (heavy impact) rprob - This is Risk Probability or the likelyhood of the risk occuring, again 1 to 5 rval - This is the Risk Value, a multiple of rimpact and rprob.
Below is a head of the log file. I tend to store this as a monitored file in /var/log/srisk.
rpos,rdetail,rimpact,rprob,rval 1,"Legacy systems, unsupported software being highly vulnerable to attack",5,4,20
Hope that helps, enjoy the User Conference.
Pete