Microsoft published rev. 1.2 of their Security Risk Management Guide
The Security Risk Management Guide explains how to conduct each phase of a security risk management project and create an ongoing process that drives the organization towards the most useful and cost-effective controls to mitigate security risks. It incorporates real-world experiences from Microsoft IT and also includes input from Microsoft customers and partners.The Security Risk Management Guide 1.2
This guide references many industry accepted standards for managing security risks. It is an important example of Microsoft's commitment to delivering quality guidance to help customers secure their IT infrastructures.