The Security Risk Management Guide

This prescriptive guide helps customers of all types plan, build, and maintain a successful security risk management program. In a four phase technology-agnostic process, the guide explains how to build an ongoing process to measure and drive security risks to an acceptable level.
  • Version:


    File Name:

    Date Published:


    File Size:

    2.2 MB

      The Security Risk Management Guide explains how to conduct each phase of a security risk management project and create an ongoing process that drives the organization towards the most useful and cost-effective controls to mitigate security risks. It incorporates real-world experiences from Microsoft IT and also includes input from Microsoft customers and partners.

      This guide references many industry accepted standards for managing security risks. It is an important example of Microsoft's commitment to delivering quality guidance to help customers secure their IT infrastructures.

      Send questions or feedback to us directly at
  • Supported Operating System

    Windows 2000 Service Pack 4, Windows Server 2003, Windows XP

      1. Click the Download button at the top of the page to start the download.

      2. Do one of the following:

        • To start the installation immediately, click Open or Run this program from its current location.

        • To save the download to your computer for installation at a later time, click Save or Save this program to disk.

      3. To install the tools and templates:

        1. Navigate to where you extracted the content on your hard drive.

        2. Double-click the Security Risk Management Guide Tools and Templates.msi file.

        3. Accept the Microsoft Software License Terms.

        4. Follow the steps in the install process to complete the installation.

        5. Find the installed files in your My Documents folder or by looking in the Start/All Programs menu for a shortcut.

    • Solution Accelerators are free, scenario-based guides and automations designed to help IT Professionals who are proactively planning, deploying, and operating IT systems using Microsoft products and technologies. Solution Accelerator scenarios focus on security and compliance, management and infrastructure, and communication and collaboration.

      Get the Solution Accelerator Notifications Newsletter

      Subscribe to the Solution Accelerator Notifications newsletter so that you can stay informed about new Solution Accelerator releases and updates. The newsletter covers such areas of interest as

      • Communication & Collaboration
      • Security, Data Protection, & Recovery
      • Deployment
      • Operations & Management

      You may also receive invitations to participate in accelerator development via beta programs and customer surveys. Solution Accelerator Notifications is currently available in English only.

      If you’ve used a Solution Accelerator within your organization, please share your experience with us by completing this short survey (less than ten minutes long).
Site feedback

What category would you like to give web site feedback on?

Rate your level of satisfaction with this web page today: