Blog Posts Tagged with "Enterprise Risk Management"

9f19bdb2d175ba86949c352b0cb85572

Manage Risk Before it Damages You - Part One

March 20, 2012 Added by:Neira Jones

Assuming we have managed to address the infosec gap, we’re left with ensuring the security of information assets and services. Because we are all governed by material pressures, it would be unrealistic that we should embark on all encompassing programs to secure all assets..

Comments  (0)

6462807771e81d9c33eb99307f5f3e77

On Effective Risk Handling

March 08, 2012 Added by:Michele Westergaard

An effective risk management process allows for decision making by management with the best likelihood of achieving the desired results. It is not meant to create a brick wall for management to operate within, but more of recommended parameter within which to operate...

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

Cyber Insurance: Efficient Way to Manage Risk in the Cloud?

February 27, 2012 Added by:David Navetta

While customers may enjoy some short term cost-benefits by going into the Cloud, they may be retaining more risk then they want - especially where Cloud providers refuse to accept that risk contractually). Cyber insurance may be a solution to help solve the problem...

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

A Checklist for a Move to the Cloud

February 26, 2012 Added by:Ben Kepes

There’s s flip side to technology democratization in that the high level of accessibility also means that it’s very easy for organizations to set themselves up as vendors – sometimes without the necessary level of professionalism that would be optimal...

Comments  (0)

2b5780ad1e088bd39b051f39f5058ff4

Time for a Change in our Attitude Around Risk

February 05, 2012 Added by:Norman Marks

When is the last time you saw an audit report that said management had too many controls or was not taking sufficient risk? When did you last hear a risk officer urging planners to move into a new market more quickly? The same thing applies to information security personnel...

Comments  (2)

6462807771e81d9c33eb99307f5f3e77

On Enterprise-Wide Risk Management

January 23, 2012 Added by:Michele Westergaard

Certain tasks can be defined via policy as needed but are really the small part of the role. An overarching role is to understand the key issues facing the organization, creatively challenge business processes by asking what can go wrong, then working to plug the potential holes...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Ten Steps to Protect Your Organization's Data

January 13, 2012 Added by:Danny Lieberman

Despite claims that protecting data assets is strategic to an enterprise, and IT governance talk about business alignment and adding value – my experience is that most organizations will not do anything until they’ve had a fraud or data security event...

Comments  (0)

2b5780ad1e088bd39b051f39f5058ff4

How to Assess the Effectiveness of Internal Control

January 11, 2012 Added by:Norman Marks

“When a principle is deemed not to be present or functioning, an internal control deficiency exists. Management applies judgment in evaluating whether a deficiency prevents the entity from concluding that a component of internal control is present and functioning..."

Comments  (1)

59d9b46aa00c70238bb89056cfeb96c0

Risk Management – More Than Just Risk Assessment

December 22, 2011 Added by:Thomas Fox

Risk management must be linked to the organization’s purpose and goals. Your company must to be disciplined. It cannot simply develop a risk assessment and then not use it to look at risk generally. As important as systems are, they must be practical, and linked to what your company does...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Transparency in Cloud Services from the Security Perspective

December 16, 2011 Added by:Rafal Los

There is an operational perspective in terms of provider transparency. We are now starting to see cases where a SaaS service offering is built on top of a PaaS service, built using multiple IaaS services and that is enough to make anyone's head spin...

Comments  (0)

34f0cf280cbc950bcb75cabd189b7a8d

Webinar: How to Minimize the Risks of a Data Breach

October 21, 2011 Added by:Kanguru Solutions

Kanguru Solutions has teamed up with Cyber Data Risk Managers LLC to host a FREE webinar on cyber security and infosec entitled “How to Minimize the Risks of a Data Breach/Cyber Attack.” This free webinar will discuss data security, privacy and measures to take in the event of a data breach...

Comments  (0)

15058930cc374dcfa98c0342a08be0b2

Security Trends: Which to Avoid and Which to Embrace

September 30, 2011 Added by:Ken Stasiak

With Enterprise Risk Management (ERM) comes a comprehensive risk assessment equation and process. Defining one process that can be used and incorporated into the entire organization will allow for conformity, efficiency, and effective alignment between departments...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

Compliance Champions: People Solving Problems

September 20, 2011 Added by:Thomas Fox

One of the goals of such a Compliance Champion program is to train employees to be your first line of compliance people on the ground, both to respond to routine queries and to alert the Legal/Compliance Department if a problem needs to be escalated...

Comments  (0)

44fa7dab2a22dc03b6a1de4a35b7834a

CIOs Should Earn More Money and Respect

July 22, 2011 Added by:Bill Gerneglia

A few years ago when a CIOs responsibilities consisted of running the IT shop efficiently, it was difficult to make the case that they belonged in the top managerial tier or deserved a seat at the executive conference table. That was then. Today CIOs’ responsibilities have grown significantly...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

Fostering Compliance Across Your Company

July 20, 2011 Added by:Thomas Fox

Without the support of top management, a compliance program is doomed to failure. This also means that the goals of compliance need to be incorporated into overall leadership goals. If goals are simply performance based, employees will understand that is what the company values...

Comments  (0)

01c4fd4b99c7e58b46a7156c08e722ea

The New CompTIA CASP Certification

July 01, 2011 Added by:Michael Gregg

The CompTIA Advanced Security Practitioner (CASP) is an advanced enterprise level cert for those with 10+ years IT experience and at least five years in security. While there are many entry-level certifications, CASP will be the enterprise-level advanced security certification...

Comments  (0)

Page « < 1 - 2 - 3 > »