ISAO 700-1: Introduction to Analysis v0.1

Request For Comment

The request for comment period for this draft concluded on Thursday, May 3. All comments are currently under review and adjudication by working groups. Comments received after the May 3rd deadline are welcomed and may be included in future adjudication and revision periods.

The purpose of analysis is to produce intelligence that decreases uncertainty in decision making and therefore reduces risk. This document provides an introduction to the information analysis process and how an Information Sharing and Analysis Organization (ISAO) can use it to identify, define, and mitigate cyber-security threats. It is the authors’ intent to provide organizations a general understanding of the tools and processes needed for an analysis team to create cybersecurity information and intelligence within their ISAOs.

This document establishes a conceptual framework for an analytical process, including establishing information and intelligence requirements as well as collecting, processing, analyzing, and exploiting relevant data to generate products that provide ISAO members with cybersecurity situational awareness. The objective of sharing cybersecurity analysis is to provide ISAOs with actionable information, reduce uncertainty, and thereby reduce risk to enable decision makers. As a technical overview, this document is meant to foster discussion on both a managerial and an operational level.

Download This Draft Document
Having trouble viewing this document?

Submitted Comments

The ISAO SO invited the public to provide comments on this document from April 3, 2018 – May 3, 2018. Both fields listed below (line number and comment) are the exact contents as submitted by the commenter.

Return to Home -
navigate to home page of the site
Home
Back to top -
scroll to top of the page
To Top