Risk Management

Doing More Than Paying Risk Management Lip Service

whateverRisk management is a commitment that is sometimes embellished in regard to its execution. 

“It's easy to commit to concepts, but execution depends on something more concrete,” says Tim Erlin, director of IT risk and security strategy for Tripwire. “While the idea of managing information security in alignment with business risks is attractive, there's not a lot of guidance or best practice information to inform execution.”

A new study shows that 81% of US Professionals believe that their organization is committed to risk based management, but less than 30% have strategies in place. Here are things to do to mature your risk management practices:

  • Defining risk and the organization's appetite for risk
  • Consider creating a common risk nomenclature or risk catalogs
  • Make sure risk management and security management tools are working better together
  • No matter what system the organization uses to define risk, it should be considering the asset at play

Show More

Leave a Reply


We use cookies on our website

We use cookies to give you the best user experience. Please confirm, if you accept our tracking cookies. You can also decline the tracking, so you can continue to visit our website without any data sent to third party services.