- External reference: https://en.wikipedia.org/wiki/EBIOS
EBIOS - Wikipedia
EBIOS (Expression des Besoins et Identification des Objectifs de Sécurité - Expression of Needs and Identification of Security Objectives) is a method for analysis, evaluation and action on risks relating to information systems. It generates a security policy adapted to the needs of an organization.
The five steps of the EBIOS method are:
- Circumstantial study - determining the context;
- Security requirements;
- Risk study;
- Identification of security goals; and
- Determination of security requirements.