The book contains six chapters titled Introduction to the Security Risk Management Guide, Survey of Security Risk Management Practices, Security Risk Management Overview, Assessing Risk, Conducting Decision Support, and Implementing Controls and Measuring Program Effectiveness. It also has four appendices, Ad-Hoc Risk Assessments, Common Information Systems Assets, Common Threats, and Vulnerabilities.
The book was written by Kurt Dillard of Microsoft Solutions for Security, and Jared Pfost of Microsoft's Security Center of Excellence. Content was also contributed by Price Oden and Jeff Williams.
The new guide is available freely on the company's TechNet Web site. You can find more security help from Microsoft at its Security Guidance Center , and check its " Recently Published " page to quickly locate the latest information.