Microsoft has published a new Security Risk Management Guide that helps people "plan, build, and maintain a successful security risk management program."

The book contains six chapters titled Introduction to the Security Risk Management Guide, Survey of Security Risk Management Practices, Security Risk Management Overview, Assessing Risk, Conducting Decision Support, and Implementing Controls and Measuring Program Effectiveness. It also has four appendices, Ad-Hoc Risk Assessments, Common Information Systems Assets, Common Threats, and Vulnerabilities.

The book was written by Kurt Dillard of Microsoft Solutions for Security, and  Jared Pfost of Microsoft's  Security Center of Excellence. Content was also contributed by  Price Oden and  Jeff Williams.

The new guide is available freely on the company's TechNet Web site. You can find more security help from Microsoft at its Security Guidance Center , and check its " Recently Published " page to quickly locate the latest information.