Published: February 3, 2014
Citation: IT Professional vol. 16, no. 1, (January-February 2014) pp. 20-21
Author(s)
L. Wilbanks, Richard Kuhn, W. Chou
Risk management is a common phrase when managing information, from the CISO to the programmer. We acknowledge that risk management is the identification, assessment and prioritization of risks and reflects how we manage uncertainty. These are some areas of risk that we have come to accept, their mitigation strategies are part of our development, part of our everyday work. Most IT professionals would agree that IT is good at identifying and managing the risks. But is that really the case or has risk management/mitigation become a buzz word for us?
Risk management is a common phrase when managing information, from the CISO to the programmer. We acknowledge that risk management is the identification, assessment and prioritization of risks and reflects how we manage uncertainty. These are some areas of risk that we have come to accept, their...
See full abstract
Risk management is a common phrase when managing information, from the CISO to the programmer. We acknowledge that risk management is the identification, assessment and prioritization of risks and reflects how we manage uncertainty. These are some areas of risk that we have come to accept, their mitigation strategies are part of our development, part of our everyday work. Most IT professionals would agree that IT is good at identifying and managing the risks. But is that really the case or has risk management/mitigation become a buzz word for us?
Hide full abstract
Keywords
computer security; risk management; security; security evaluation
Control Families
None selected