RISK MANAGEMENT RESEARCH LABORATORY OVERVIEW

The National Institute of Standards and Technology (NIST) and the National Computer Security Center (NCSC) have cooperatively established a Risk Management Research Laboratory located at the NIST facilities in Gaithersburg, MD. The primary objective of the laboratory is to conduct research in risk management techniques and methodologies. As part of this endeavor, risk management software products will be surveyed to determine their applicability to different agency environments. A demonstration capability is also planned. Although official product evaluations will not be conducted, reports outlining the characteristics and capabilities of products surveyed will be prepared.

An additional goal of the laboratory is to develop and publish guidance on currently available risk management methods. We plan to develop a "standard" test case for use in the laboratory. The test case will provide a focal point for controlled analysis and documentation. It is further planned to develop data on computer security incidents for estimating threat frequencies, vulnerabilities, losses, direct and indirect impacts, etc.

A longer range goal of the laboratory is to develop and validate a formal framework for analyzing, developing, and implementing risk management methods. We will be looking for methods of risk management which could be economically employed across a broad spectrum of computer environments and upon which standards could be based. It is intended that workshops will be organized to evaluate current and future technology for this purpose.

Technical contributions and comments are welcome from interested parties from both the public and private sectors. The point of contact for the laboratory is Irene Gilbert (NIST), (301) 975-3360.

Application Control Matrix

Methodology. Matrix approach. This methodology presents application controls, control objectives, and risks in a matrix format. The matrix provides a summary of the security environment which allows the user and auditor to quickly view where added safeguards are needed. A data base of controls from which to make selections is included in this software package.

Hardware Requirements.
- IBM PC or compatible.
- Two diskette drives or one diskette drive and a fixed drive.

Operating System.
- MS-DOS Version 2.0 or later.

User Interface/Ease of Use.
- Menu-driven.
- Online HELP facility.

Documentation and Training.
- User manual.

Developer/Vendor. Nander Brown & Co., Reston, VA; (202) 653-6646.

Remarks. Government agencies may obtain copies of this software at no charge.

BDSS (Bayesian Decision Support System)

Methodology. Quantitative/Qualitative. BDSS is programmed to gather tangible and intangible asset valuation data and to ask questions that assess potential risks using quantitative data bases provided by the vendor. The user can include site-specific threat experiences which the algorithms will process along with the quantitative knowledge base. Threats, vulnerabilities, asset categories, and selected safeguards are automatically mapped and cross-mapped to each other. The system ranks threats before and after the implementation of safeguards so that the representation of comparable exposure to loss may be examined. The analysis results are typically displayed graphically with risk curves based on dollar loss values and probability of loss coordinates. The central algorithms of BDSS are based on Bayes' Theorem addressing uncertainty and statistical methods. BDSS software produces a variety of printed reports as well as ASCII files that may be exported to the user's word processor. The vulnerability analysis feature of the BDSS application also provides a stand-alone qualitative presentation of safeguard system weaknesses.

Hardware Requirements.
- IBM PC/AT or compatible.
- 640KB memory.
- 20MB fixed drive and one diskette drive.
- Graphics card (CGA/EGA).

Operating System.
- MS-DOS Version 3.0 or later.

User Interface/Ease of Use.
- Menu-driven.

Documentation and Training.
- User manual.
- Training is not included with purchase but may be provided upon request.

Developer/Vendor. Ozier, Perry & Associates developed BDSS in a joint venture with Pickard, Lowe and Garrick, Inc. of Newport Beach, CA and Washington, DC. For further information regarding the software contact Ozier, Perry & Associates, San Francisco, CA; (415) 989-9092.

Remarks.

BUDDY SYSTEM

Methodology. Qualitative. The Buddy System is an automated risk analysis methodology for microcomputer environments and comprises two components: (1) countermeasures survey and (2) security analysis and management (SAM). This software package assesses the level of vulnerability based on safeguards already in place. The level of information being processed on the system determines whether or not the assessed level of vulnerability is acceptable. Recommendations for corrective action are provided for each vulnerability that falls outside of the acceptable range through the use of on-line "what if" scenarios. A data base containing over 100 safeguards is included in this software package. Further, the Risk Management component of the system allows the analyst to track recommended corrective action implementations for reports and/or follow-up procedures.

Hardware Requirements.
- IBM PC or compatible.
- 256KB memory.
- 10MB fixed drive and one 360K diskette drive.

Operating System.
- MS-DOS Version 2.0 or later.

User Interface/Ease of Use.
- On-line HELP facility.

Documentation and Training.
- User manual.
- One-day on-site training course.
- Training component built into the software to increase security awareness.

Developer/Vendor. Countermeasures, Inc., Hollywood, MD; (301) 373-5166.

Remarks.
- Optional Maintenance Utility allows the user to customize the software.
- Report and screen formats can be edited with a standard DOS editor.

CONTROL MATRIX METHODOLOGY FOR MICROCOMPUTERS

Methodology.
Matrix approach. This software provides a matrix approach for designing controls into microcomputer system environments. It identifies which controls are necessary to ensure adequate security in business or scientific systems. The software package contains four separate systems. Package 1 (Designing Controls into Computerized Systems) is an educational tool that teaches the user how to design and develop a control matrix. Package 2 (Risk Ranking the Matrix) teaches the use of Delphi and Comparison Risk Ranking techniques to rank threats and their controls. Package 3 (Automated PC-Based Control Matrix Design) is a control matrix development package that contains a database of controls plus separate databases of threats and computer system components. This package allows one to draw a draft matrix, search the controls database, and move relevant controls to a matrix controls list. Package 4 (Show Text Presentation Graphics) is used to draw the final matrix, resequencing threats, components, and controls.

Hardware Requirements.
- IBM PC or compatible or IBM Personal System/2.
- 384KB memory.
- Two diskette drives or 10MB fixed disk.
- Graphics capability.

Operating System.
- MS-DOS Version 2.0 or later.

User Interface/Ease of Use.
- A demo diskette provides a ten minute introduction to the matrix concept of designing controls into computerized systems.

Documentation and Training.
- User manual.
- Automated course.
- One or two day on-site training upon request.

Developer/Vendor. Jerry Fitzgerald & Associates, Redwood City, CA; (415) 591-5676.

Remarks.

CRAMM (CCTA Risk Analysis and Management Methodology)

Methodology. Qualitative. CRAMM is a risk analysis tool developed by the British government and BIS Applied Systems Limited. CRAMM is composed of three stages, each supported by questionnaires and guidelines. The primary function of Stage 1 is the valuation of data and physical assets of the system or network under review. Qualitative values are determined for the data assets on a scale of 1 to 10 for the potential impacts of disclosure, modification, destruction, and availability. The physical assets are valued on the basis of replacement costs, which are also converted to scalar values of 1 to 10, with 10 representing the highest value. The review moves to Stage 2 for those assets valued higher than 3. (Baseline protective measures are recommended for assets valued lower than 3.) Stage 2 measures the levels of threats and vulnerabilities for each asset group and then measures the risks on a scale of 1 to 5. In Stage 3, these measures are used to select safeguards from a library of over 900. CRAMM provides an iterative safeguard evaluation, in priority sequence, to facilitate selection of the most appropriate safeguards. A variety of reports are produced. CRAMM also provides a password logon function. Sensitivity markings are provided on all screens and hardcopy output.

Hardware Requirements.
- IBM PC or compatible.
- 640KB memory.
- 10MB fixed drive.

Operating System.
- MS-DOS 2.1 or later.

User Interface/Ease of Use.
- Menu-driven.
- On-line HELP facility.

Documentation and Training.
- User manual.
- Management guide.
- Training available upon request.

Developer/Vendor. BIS Applied Systems Limited, London SE1 9PN, England; telephone 011-44-1-633-0866.

Remarks. CRAMM is available in the USA by licence agreement between BIS and the UK Central Computer Telecommunications Agency. The BIS Service Representative and provider of a US-based help desk and support services is Executive Resources Associates, Inc., Suite 813, One Crystal Drive, Arlington, VA 22202; (703) 920-5200.

CRITI-CALC

Methodology. Quantitative/Qualitative. This product uses the concept of annualized loss expectancy (ALE) to quantify the criticality of risk exposure for applications. The software collects information about each application's loss potential, optimum off-site recovery, cost of backup, and cost to recover. It uses this information to calculate each application's annualized risk potential. The criticality of each application is determined by the potential for loss caused by a processing interruption and a profile of up to 14 delay factors. The user interacts with the system by means of screens which display information about the risk exposure. Once the user has reviewed the initial results, "what if" analysis may be performed by modifying the input data as a way of verifying the effectiveness of certain safeguards. The information contained in the output reports may be used to optimize contingency plans. The ALE, as a function of maximum outage duration, is compared with the corresponding cost of backup data to identify automatically the optimum off-site recovery site.

Hardware Requirements.
- IBM PC/XT or compatible.
- 640K memory.
- 360K diskette drive.
- Fixed drive not necessary but convenient.

Operating System.
- MS-DOS Version 2.11 or later.

User Interface/Ease of Use.
- Menu-driven.
- Help screen.

Documentation and Training.
- User manual with sample databases and detailed tutorial.
- On-site training.

Developer/Vendor. International Security Technology, Reston, VA; (703) 471-0885.

Remarks.

GRA/SYS

Methodology. Qualitative. GRA/SYS is a tool designed to assist internal auditors and security personnel in developing a work priority plan for reviewing organizational risks. Specifically, the software prepares an applications and computer activity inventory and determines the number of risks for several major control areas. A risk score that reflects the measure of risk to the organization is calculated and placed in descending order on a scale of 1 to 9, with 9 representing a worst-case situation. An additional report that reflects the number of times each risk occurs is also prepared. Using the output reports from this software package, the user is able to identify those risks where more effective safeguards are needed.

Hardware Requirements.
- IBM PC or compatible.
- 64KB memory.
- One diskette drive.

Software Requirements.
- MS-DOS Version 2.0 or later.

User Interface/Ease of Use.
- Menu-driven.

Documentation and Training.
- User manual.
- Training is not offered with the purchase.

Developer/Vendor. Nander Brown & Co., Reston, VA; (202) 653-6646.

Remarks. Government organizations may obtain this software at no cost.

IST/RAMP (International Security Technology/Risk Analysis Management Program)

Methodology. Quantitative and Qualitative. IST/RAMP is a mainframe-resident risk analysis program with an input module that is PC-resident. The software calculates the annualized loss expectancy as well as the single occurrence loss. The system can also provide a qualitative analysis. IST/RAMP generates data collection forms to assist the risk analyst in organizing and controlling data collection. Five loss categories are addressed: service interruptions; physical loss and damage; fraud; unauthorized disclosure; and physical theft. A library of data bases enables the analyst to maintain an audit trail of input data changes. A "what-if" capability enables the analyst to select the most cost-effective security measures. RAMP<->LINK is a PC-resident, menu-driven data entry system which uses risk information entered by the analyst to build a DOS file that can be uploaded to IST/RAMP for processing.

Hardware Requirements.
- IBM mainframe for IST/RAMP: 30xx with MVS.
- Interactive under TSO and Roscoe.
- IBM PC/XT or compatible for RAMP<->LINK.
- 512K memory.
- Two diskette drives or one diskette drive and a fixed disk drive.

Software Requirements.
- MS-DOS Version 2.1 or later.

User Interface/Ease of Use.
- Menu-driven.

Documentation and Training.
- Training manual with sample data bases and detailed tutorial.
- User manual.
- Three-day on-site training.
- Pocket reference.

Developer/Vendor. International Security Technology, Reston, VA; (703) 471-0885.

Remarks. RAMP<->LINK makes it unnecessary for the analyst to be familiar with the details of IST/RAMP data entry formats. The analyst enters the data off-line and logs onto a mainframe where IST/RAMP is resident using any communications software package that has a "file send" command.

JANBER

Methodology. Qualitative. Janber initiates a yes/no questionnaire and checklist for collecting information about security controls already in place. The software weights safeguards currently in place and measures them against the level of data being processed on the system. These data classification levels range from highly sensitive but unclassified information to highly classified data. The analysis provides a linguistic characterization of the level of vulnerability from 2 to 28, with 28 representing a worst-case scenario. Vulnerabilities, safeguards and their weights can be preestablished by the vendor to meet the organization's requirements. Safeguards that are required but not implemented are flagged in a report, and recommendations for safeguards that meet organizational guidelines and directives are provided. Users have the capability of performing "what-if" scenarios to evaluate the effectiveness of certain safeguards. The Janber application allows users to define standard entries for specific data fields. The results of the data collection and analysis are maintained on separate data bases. The developer recommends that the analysis and the data collection be performed by different personnel to assure the integrity of the results. The developer further recommends that the analysis be performed by computer security professionals to achieve optimum results. The software provides a capability to track action items resulting from the evaluation. Janber creates a database of information on all systems surveyed and provides a data base query capability for contingency planning and recovery operations.

Hardware Requirements.
- IBM PC or compatible.
- 10MB fixed drive and one diskette drive.

Operating System.
- MS-DOS Version 2.0 or higher.

User Interface/Ease of Use.
- Menu-driven.
- On-line help facility.

Documentation and Training.
- User manual.
- Training provided upon request.

Developer/Vendor. Eagan, McAllister Associates, Inc., Lexington Park, MD 20653; (301) 862-3565.

Remarks.

LAVA (Los Alamos Vulnerability and Risk Assessment)

Methodology. Qualitative and Quantitative. LAVA administers questionnaires which result in the identification of missing safeguards in 34 areas ranging from password management to personnel security and internal audit practices. The software evaluates potential consequences and impact upon the organization and the ultimate loss exposure (risks). LAVA considers three kinds of threats: natural and environmental hazards; accidental and intentional on-site human threats (including the authorized insider); and off-site human threats. Detailed LAVA reports provide both qualitative and quantitative results of the risks identified.

Hardware Requirements.
- IBM PC or compatible.
- 512KB memory.
- 360KB and 720KB diskette drives; or 1.2MB fixed drive and one 360K diskette drive.

Operating System.
- MS-DOS Version 2.0 or later.

User Interface/Ease of Use.
- Interactive questionnaires.

Documentation and Training.
- User manual.
- On-site training.
- Demonstration diskette.

Developer/Vendor. Los Alamos National Laboratory, Los Alamos, NM; (505) 667-7777.

Remarks. The LAVA methodology stresses a team approach for conducting the risk assessment. It is recommended that the team be composed of people with a broad spectrum of backgrounds and expertise to ensure a thorough assessment. It is further recommended that a consensus among the group be reached before entering an answer to any of the questions; in some cases this may be the most difficult part of administering this risk management software.
Distribution of this package is handled through the National Security Agency (contacts include Sam Samuelson, (301) 688-6022; Ed Markel, (301) 688-6022; or John LaPaille, (301) 688-5331).

LRAM (Livermore Risk Analysis Methodology)

Methodology. Quantitative. A government-developed system, this methodology is structured to allow screening of asset/threat-event combinations so that only high impact risks are reviewed. The methodology focuses attention on the effectiveness of proposed security controls as well as those already in place. LRAM is divided into three major phases: project planning, risk analysis, and decision support. The initial phase defines the scope of the analysis and identifies needed resources and personnel. The second phase analyzes the data collected from phase 1. In this second phase, risk elements are identified by establishing corresponding threat, control and asset components, the results of which are provided as input for the final decision support phase. The final decision support phase is meant to assist in the security management of information. It is a process to select and list in priority order each recommended safeguard on the basis of cost benefit estimates and other decision indexes.

Hardware Requirements.
- IBM PC or compatible.
- 640K memory.
- One diskette drive and fixed drive.

Operating System.
- MS-DOS Version 2.0 or later.

User Interface/Ease of Use.
- Menu-driven.

Documentation and Training.
- User manual.

Developer/Vendor. Lawrence Livermore National Laboratory, Livermore, CA; (415) 423-3083 or 543-3082.

Remarks.

MARION

Methodology. Qualitative/Quantitative. MARION assesses business risks associated with information systems, drawing on a large database of actual incidents. The software incorporates a questionnaire to evaluate the level of security that is currently being applied within the organization. Each question is allocated a weighting which reflects its relative importance according to the analysis of the underlying database of events. A score is allocated for each question; the responses and scores are stored. The software calculates the overall score for 27 categories of security and presents the results graphically and in printed form. Once the current security profile has been determined, MARION compares each category with industry norms which are derived from the database. The software uses the information on costs also held in the database to calculate an estimated expenditure in relation to the total security budget. The calculated costs are analyzed according to the nature of the security category and presented graphically and in detailed tables. A "what-if" capability allows one to use different budgets to determine the effects on the security profile. The effects of the proposed measures can also be displayed.

Hardware Requirements.
- IBM PC or compatible.
- 512K memory.
- Graphics capability.

Operating System.
- MS-DOS 2.0 or later.

User Interface/Ease of Use.
- Menu-driven.

Documentation and Training.
- User manual.

Developer/Vendor. Coopers & Lybrand (United Kingdom firm), Plumtree Court, London EC4A 4HT; telephone 01-822-4678.

Remarks. MARION is a methodology developed in France. Coopers & Lybrand are the agents for the package in the UK. They have worked with the French software house PSI to produce an English version of the package and supporting reference material.

MicroSecure Self Assessment

Methodology. Qualitative. An automated software tool that allows PC users to conduct a security self-assessment. The software analyzes the PC environment, determines the vulnerabilities, and recommends security controls. The safeguards recommended are designed to increase security and reduce exposures in six areas: system integrity, data security, credibility, data integrity, backup and disaster recovery, and confidentiality and privacy. The software may be customized to meet specific requirements.

Hardware Requirements.
- IBM PC or compatible.
- 256K memory.
- One diskette drive.

Operating System.
- MS-DOS 2.0 or later.

User Interface/Ease of Use.
- Menu-driven.

Documentation and Training.
- User guide.
- On-line tutorial.

Developer/Vendor. Boden Associates, East Williston, NY; (516) 294-2648.

Remarks. An optional quiz is provided at the end of each chapter of the training course. Recommendations for corrective action can be printed directly to the printer or written to an ASCII text file for editing.

MINIRISK

Methodology. Qualitative. MINIRISK is a tool designed to assess computer security vulnerabilities in a microcomputer environment. A vulnerability assessment questionnaire allows the organization to evaluate the adequacy and completeness of individual safeguard areas and to reevaluate these same areas after missing safeguards have been implemented. During the process of answering the MINIRISK questionnaire, the user identifies missing safeguards in 10 to 50 vulnerability categories ranging from password management to contingency planning and internal audit controls. Safeguards and controls considered mandatory by the organization have been appointed for each category that is to be reviewed. The absence of certain safeguards determines the level of vulnerability on a scale of zero to 9, with zero being the best case and 9 the worst. MINIRISK establishes a threshold by which to evaluate vulnerabilities that exceed an acceptable risk level.

Hardware Requirements.
- IBM PC or compatible.
- 64KB memory.
- One diskette drive.

Software Requirements.
- MS-DOS Version 2.0 or later.

User Interface/Ease of Use.
- Menu-driven.
- Online HELP facility.
- User defined questionnaire.

Documentation and Training.
- User manual.
- Training is not offered with the purchase.

Developer/Vendor. Nander Brown & Co., Reston, VA; (703) 689-4580.

Remarks.
Government organizations may obtain this software at no cost.

PRISM Risk Analysis and Simulation for the PC

Methodology. Qualitative. PRISM supports development of risk analysis modelling, simulation, sensitivity analysis, and graphical presentation of results. It also contains system functions to save, retrieve, display, and modify existing models. In addition to simple algebraic equations, PRISM permits use of BASIC-like statements to model more complex applications.

Hardware Requirements.
- IBM PC or compatible.
- 512K fixed drive.

Operating System.
- MS-DOS 2.0 or later.

User Interface/Ease of Use.
- On-line HELP facility.

Documentation and Training.
- User manual.
- Training and on-site seminars.
- Consulting services available to assist in model development.

Developer/Vendor. Palisade Corporation, Newfield, NY; (607) 564-9993.

Remarks.

QUICKRISK

Methodology. Qualitative. QuickRisk requires the user to input information about the systems and facilities on a scenario form. These forms pertain to potential threats, current safeguards, and assets. Once all of the input information has been entered, the software computes the results, which provide an annual loss exposure. An additional computation is performed which displays a return on investment for each control in place. The analyst also has the capability of modifying the results of previous computations by modifying the input data. In addition, the software is delivered with a threat file containing numerous threats and frequencies. The user has the capability of adding threats to this list.

Hardware Requirements.
- IBM PC or compatible.
- Two diskette drives.

Operating System.
- MS-DOS Version 2.0 or later.

User Interface/Ease of Use.
- Menu-driven.

Documentation and Training.
- User manual.

Developer/Vendor. Basic Data Systems, Rockville, MD; (301) 269-2691.

Remarks.

RANK-IT

Methodology. RANK-IT is a risk assessment software package that uses the Delphi technique. Delphi is an expert system approach to risk ranking. This software automates the Delphi technique by adding Comparison Risk Ranking to obtain an ordinally ranked list of the items being ranked or to calculate percentage risk values. Each ranked item has a numerical value that can be used as a weighting factor or a cardinal number value. RANK-IT is used to risk rank system threats, controls, vulnerabilities, components, or any other criteria. It also can be used to rank other types of business decision alternatives, whether quantifiable or not. The developer suggests that the time required to conduct a risk ranking using this combined Delphi and Comparison Risk Ranking methodology can range from 30 minutes to three hours.

Hardware Requirements.
- IBM PC/XT/AT or compatible or IBM Personal System/2.
- 512KB memory.
- Single diskette drive or fixed disk (300K memory required).
- Graphics capability.

Operating System.
- MS-DOS Version 2.0 or later.

User Interface/Ease of Use.
- Menu-driven.

Documentation and Training.
- Demonstration diskette.
- User manual.
- Tutorial and training diskettes.
- One-day on-site training upon request.

Developer/Vendor. Jerry Fitzgerald & Associates, Redwood City, CA; (415) 591-5676.

Remarks.

Risk Analysis System (RA/SYS)

Methodology. Quantitative. RA/SYS is an automated risk analysis system which processes a series of interconnected files that can assess up to 50 vulnerabilities and assets and 65 threats. Calculations are performed on threat/vulnerability pairs to produce threat ratings and threat frequencies. A report summarizes loss estimates, cost benefit analysis, and return on investment.

Hardware Requirements.
- IBM PC or compatible.
- 128KB of memory.
- Two 360KB diskette drives or 640KB fixed drive.

Operating System.
- MS-DOS Version 2.0 or later.

User Interface/Ease of Use.
- Menu-driven.
- On-line HELP facility.

Documentation and Training.
- User manual.
- Technical assistance available upon request.

Developer/Vendor. Nander Brown & Co., Reston, VA; (202) 689-4580.

Remarks. Government agencies may obtain copies of this software at no charge.

RiskCALC

Methodology. Quantitative or Qualitative. An annual loss expectancy (ALE) or other metric is computed based on an answered questionnaire. The user may optionally change the values of RiskCALC variables to determine the most cost-effective safeguards and display the results on the user's screen. RiskCALC is part of a "family" of software tools described below. They each provide a standard ASCII file interface for exporting and importing RiskCALC variables.
o RiskCALC allows the user to answer questions and print reports into which values elicited from the questionnaire are automatically inserted.
o Risk Minimizer identifies an organization's most significant risks from a completed analysis. Risk Minimizer may be used with other risk management software tools that use the RiskCALC file format.
o The System Manager assists in designing or customizing an existing risk analysis model.
o The Demonstration Models allow the user to develop a site-specific questionnaire or select one that models several risk scenarios.

Hardware Requirements.
- IBM PC or compatible.
- 512KB memory.
- Fixed drive is optional but recommended.

Operating System.
- MS-DOS Version 2.1 or later.

User Interface/Ease of Use.
- Menu-driven.
- On-line help facility.
- Lotus-like interface.

Documentation and Training.
- User and system administrator manuals.
- One day on-site training with purchase.
- A three-day course on computer security and risk management is available upon request.

Developer/Vendor. Hoffman Business Associates, Inc., Chevy Chase, MD; (301) 656-6205.

Remarks.

RISKPAC

Methodology. Qualitative. This software product is composed of three components: questionnaire, surveys, and reports. The results of the questionnaire are stored in a "survey" which provides the basis of the analysis.
The questions point to discrete categories that provide a review of an organization's policies, physical environment, processing hardware, and the applications and data which make up a system. Each of these categories is evaluated separately. A variety of questionnaires that apply to several disciplines (e.g., manufacturing, banking, and government) are available. "Reports" provide the results of the evaluation expressed on a scale of one to five, with five representing a worst-case scenario. The weighting and scoring algorithms are based on a Kepner/Tregoe type of analysis. The package can produce data files that can be input to various database and spreadsheet programs. Further, the software is equipped with a number of utility routines that allow organizations to develop their own questionnaires. This "System Manager" capability is available separately.

Hardware Requirements.
- IBM PC, PC/XT, or PC/AT or compatible.
- 256K of memory.
- Two diskette drives or 10MB fixed drive.

Operating System.
- MS-DOS Version 2.0 or later.

User Interface/Ease of Use.
- Menu-driven.

Documentation and Training.
- User manual.
- Training provided upon request.

Developer/Vendor. Computer Security Consultants, Ridgefield, CT, subsidiary of Computer Security Consultants, Ltd.; (203) 431-8720.

Remarks.

RISKWATCH

Methodology. Qualitative/Quantitative. The RISKWATCH software is capable of analyzing organizations, facilities, systems, applications and networks, both large and small. RiskWatch distinguishes between financial, critical, sensitive and classified systems. The system accesses relational data bases that contain thousands of relationships between threats, assets, vulnerabilities, losses, and safeguards. Responses to a questionnaire which addresses a wide variety of job functions are combined with the databases to produce a comprehensive risk analysis report. This report also provides an asset inventory, a detailed list of vulnerabilities, threat analysis with annual loss expectancies, and recommended safeguards that include return-on-investment. The system provides a query capability for any selected threat, asset, vulnerability or safeguard.

Hardware Requirements.
- IBM XT/AT or compatible.
- 640K memory.
- 10MB fixed drive.
- Graphics.
- Color monitor.

Operating System.
- MS-DOS Version 2.1 or higher.

User Interface/Ease of Use.
- Menu-driven.

Documentation and Training.
- User manual.
- Training provided upon request.

Developer/Vendor. Expert Systems Software, Inc., Long Beach, CA; (213) 499-3346.

Remarks. The software can be customized to meet the needs of both defense and civil organizations. LOGICON, Arlington, VA, (703) 486-3500, is authorized to distribute this software package.

Downloaded From P-80 International Information Systems 304-744-2253