Build A Risk Management Process You Can Be Proud Of
posted by John Spacey, October 10, 2011
IT Risk Management can be a challenge for many organizations. The good news is that the process itself is relatively simple.
As a reference, consider the ISO 27001 risk management process:
IT Risk Management begins with identifying and qualifying threats and vulnerabilities. The next step is to decide whether to accept, avoid, transfer or reduce each risk. Finally, risks need to be communicated and controls established.
It should be noted that Risk Management is only one component of a comprehensive ISO 27001 information security management system (ISMS).