Konubinix' opinionated web of thoughts



EBIOS - Wikipedia

EBIOS (Expression des Besoins et Identification des Objectifs de Sécurité - Expression of Needs and Identification of Security Objectives) is a method for analysis, evaluation and action on risks relating to information systems. It generates a security policy adapted to the needs of an organization.

The five steps of the EBIOS method are:

  • Circumstantial study - determining the context;
  • Security requirements;
  • Risk study;
  • Identification of security goals; and
  • Determination of security requirements.