Abstract :
The author outlines how security projects can go wrong. She details an approach which is both practical and proven to work in effectively designing security solutions to any IT systems. The approach is made up of five component stages: establish baseline security factors; identify constraints; identify and analyse the business and IT risks; recommend countermeasures to reduce identified risk factors (appropriate at either global or local level); and regularly update as business and IT changes
