Determining Your Risk Tolerance

What is your organization’s risk tolerance?

The process of determining risk tolerance can be a tricky one. However, there are specific steps that can be taken to determine risk tolerance and help secure your organization.

It’s not a case of one-size-fits-all; each organization needs a customized system. As Craig Shumard points out in this article, different organizations are motivated by different factors. For this reason, it is important that organizations establish a formal risk assumption model involving the CEO or Board of Directors.

After the risk has been identified, the next step is to determine who is authorized to make security risk decisions. In most cases, the best option is to have the CISO serve as the first line of defense. This means making sure that the CISO has the appropriate clearance and authority over security matters.

Original article by Craig Shumard.
Read the full story here.

Related Posts

The Magnificent Seven 2023

Seven Trends . . . …that small bank Information Security Officers face in 2023 Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Welcom...
READ MORE

“Phone Phishing” – Awareness Poster (Re-release)

Another awareness poster for YOUR customers (and users). Now that we have our own employees aware, maybe it’s time to start posting content for our customers!Check out posters.infotex.com for...
READ MORE

“Strong Password Tips” – Awareness Poster

Another awareness poster for YOUR customers (and users). Now that we have our own employees aware, maybe it’s time to start posting content for our customers!Check out posters.infotex.com for...
READ MORE

infotex

MANAGING TECHNOLOGY RISK

Linkedin-in Facebook-f Youtube Twitter

SERVICES

EDUCATION

COMPANY

CONTACT

SIGN UP FOR OUR BLOG

As part of infotex‘s service to our clients, find “non-mainstream” articles about relevant security issues.

Facebook Youtube Twitter