We stress this approach because it is the way to ensure that your security management is not driven by the fear, uncertainty and doubt principle. Furthermore, it gives us a goals-based attitude that counters the ostrich principle of risk management.
In common with all security fields, information security is non-intuitive. Simple functional testing is not sufficient, as any security claim implies that we prove a negative (no one can access this data without being on the 'entitled' list). The resolution is to examine the design and to test sufficiently for the level of security assurance needed. This emphasizes the essential need for specialist staff whose skills and experience cover engineering techniques.
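To make the "prove a negative" point concrete, here is an added illustration (not code from the original page): an access check with a constructed design flaw passes the usual functional test (every entitled user succeeds) and still violates the security claim, which only a test written from the non-entitled side exposes. The names, the entitled list and the probe inputs are all constructed for this example.

```python
"""Added example: functional tests establish the positive case (entitled users
can read); the security claim is the negative (nobody else can), which needs
deliberately non-entitled inputs and, ultimately, review of the design itself.
All identities and data below are constructed for illustration.
"""

# Constructed entitlement list for a hypothetical record.
ENTITLED = {"alice", "bob"}


def can_read_naive(user: str) -> bool:
    """Constructed flawed check: matches if any entitled name appears *inside*
    the supplied identity (a substring test instead of an exact match)."""
    return any(name in user for name in ENTITLED)


def can_read_fixed(user: str) -> bool:
    """Corrected check: exact membership in the entitled set."""
    return user in ENTITLED


def functional_check(check) -> bool:
    """Positive (functional) test: every entitled user is granted access.
    Passing this says nothing about whether anyone else is also granted access."""
    return all(check(user) for user in ENTITLED)


def negative_check(check, candidates) -> list:
    """Security test written from the non-entitled side: try identities that are
    NOT on the list and report every one the check wrongly allows."""
    return [user for user in candidates if user not in ENTITLED and check(user)]


# Constructed probes: near-misses an attacker-minded tester would try.
NON_ENTITLED_PROBES = ["mallory", "bobby", "alice ", "ALICE", "", "alice\x00", "xbob"]


if __name__ == "__main__":
    for label, check in (("naive", can_read_naive), ("fixed", can_read_fixed)):
        print(label, "functional test passes:", functional_check(check))
        print(label, "wrongly allowed:", negative_check(check, NON_ENTITLED_PROBES))
```

Both checks pass the functional test; only the negative probes show that the naive version admits "bobby", "alice ", "alice\x00" and "xbob". Note that a check which passes the probe list is still not a proof of the negative, because the probe list is finite; that is exactly why the text pairs testing with examination of the design, where the exact-match decision can be read and reasoned about rather than sampled.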
We have already outlined that even the requirements, policy or security objectives phase of any security task is undermined if security engineering experience is not used to think ahead. Unfortunately, these shortcomings may not be recognized until later, leading to very high costs in security management, incident handling and ad hoc security measures.
The other benefit of this approach is that the work done is traced and reasoned. This allows it to be transferred into your company and allows for certain changes that you may be able to manage internally.