A SECURITY OFFICERS WORKBENCH

The primary role of the security officer is to advise senior managemen t on the optimal deployment of security resources. This is a task of c onsiderable complexity and it is suggested that the security officer w ould be assisted by computer tools that provide an effective security model of the system under consideration, so that the system risks may be identified and prioritized. The development of such a model, based upon a risk data repository, is described. It is also suggested that a countermeasure architecture may be used to relate external threats to the logical nodes of system platform, and thence to physical and proc edural realities of the organization. The effort of software developme nt, data collection, encoding and entry for such a model could well pr ove to be excessive in terms of the expected benefits. It is therefore proposed, in this paper, that hypertext be employed to allow pre-exis ting data to be readily entered in its native form and then manipulate d by the security officer. This model has been used in a banking envir onment and the hypertext version has been employed in the study of a c omputerized university student admission system.