ISAO 700-1: Introduction to Analysis v0.1

Request For Comment: Open April 3 – May 3

The purpose of analysis is to produce intelligence that decreases uncertainty in decision making and therefore reduces risk. This document provides an introduction to the information analysis process and how an Information Sharing and Analysis Organization (ISAO) can use it to identify, define, and mitigate cyber-security threats. It is the authors’ intent to provide organizations a general understanding of the tools and processes needed for an analysis team to create cybersecurity information and intelligence within their ISAOs.

This document establishes a conceptual framework for an analytical process, including establishing information and intelligence requirements as well as collecting, processing, analyzing, and exploiting relevant data to generate products that provide ISAO members with cybersecurity situational awareness. The objective of sharing cybersecurity analysis is to provide ISAOs with actionable information, reduce uncertainty, and thereby reduce risk to enable decision makers. As a technical overview, this document is meant to foster discussion on both a managerial and an operational level.

Download This Draft Document
Having trouble viewing this document?

Comments

To provide comments, please first login and then use the comments form provided to submit feedback. If you are not a registered user, we recommend registering to our website before submitting draft comments in order to save your contact information for future use. You can register to our website by using the "Register" link in the top right corner of the page. If you would like to submit comments without registering, please use the following link:   Submit Comments Without Registering