Skip to content

andrew sheves

simplifying risk management

  • Books
  • Blog
  • Guides
    • Enterprise Security Risk Management
    • Building a risk management system
    • Conducting a Risk Assessment
    • Getting started
  • Software
    • DCDR blog posts
  • Courses

Author: Andrew

I build tools and software to make risk management accessible.

Some AI Safeguards

January 27, 2023January 27, 2023 ~ Andrew ~ Leave a comment

The now widely available AI tools open up a lot of possibilities but there are still some limitations Here are five things worth keeping in mind.

A Small Data Approach to Risk Metrics: Risk Metrics White Paper

December 14, 2022December 14, 2022 ~ Andrew ~ Leave a comment

A small data approach will speed up and simplify the risk analysis process, free up resources, and avoid creating the impression of greater understanding than there actually is. This paper explains how such a system could work. (An update on the risk metrics project.)

Chatting with an AI about Risk Management

Bender the robot from Futurama
December 13, 2022December 12, 2022 ~ Andrew ~ Leave a comment

I chatted with OpenAI's Chatbot the other day and asked it some questions about risk management. The answers were clear, nuanced and thoughtful, supporting all the hype surrounding the tool. Here's the unedited transcript.

Why (and How) You Should Conduct an End of Year Risk Management Review

December 2, 2022December 5, 2022 ~ Andrew ~ Leave a comment

Use this simple five-step process to conduct an end of year review of your risk management system to prepare for the year ahead.

Risk Management Isn’t Just About Compliance

November 28, 2022November 28, 2022 ~ Andrew ~ Leave a comment

Before you conduct any risk management project, I'd recommend starting from first principles, asking, 'what effect is this program meant to achieve?' Keeping this top-level outcome in mind will ensure that you achieve the aim and don't just conduct a check-the-box exercise.

The Signal and The Noise – Book Review

November 21, 2022November 20, 2022 ~ Andrew ~ Leave a comment

The Signal and The Noise is a great read that explains why and how you need to mix statistics and experience in your predictions and decision-making. It may seem technical and math-heavy at first glance, but Nate Silver makes this an easy read.

The Question You Can’t be Afraid to Ask

November 14, 2022November 14, 2022 ~ Andrew ~ Leave a comment

Something that's very hard to do as a consultant is to say, 'I don't know,' or admit a knowledge gap. But you've got to overcome any discomfort because it's critical that you're honest about your knowledge gaps if you want to understand an organization or situation.

Risk Metrics Project Update – November 2022

November 8, 2022December 14, 2022 ~ Andrew ~ Leave a comment

An update on the risk metrics project: 20 metrics that are worth tracking for your threat and risk assessments

How vs. What: Don’t stop your planning too early

November 1, 2022October 31, 2022 ~ Andrew ~ Leave a comment

A problem I've observed is that we often mistake deciding what we need to do and how we will do it. This confusion makes us think that a problem's been solved when, in fact, all we've done is identify the effect we want to achieve, not how we're going to get there.

Flirting with Disaster – a Book Review

October 24, 2022October 17, 2022 ~ Andrew ~ Leave a comment

Flirting with Disaster is a great read for anyone wishing to mitigate and avoid catastrophic events. There's enough technical info to help you understand the key concepts but the pace is fast and the story-telling is engaging. It's definitely a must-have for any risk manager or decision-maker's bookshelf and I've returned to it many times in my work.

Posts navigation

Older posts

Search for something

Books

NEW! The Consultant’s Handbook.

Now available on Amazon*

 

Go Beyond The Spreadsheet for a deep dive into the risk assessment process

 

Building a risk management system? Get my step-by-step guide.

build a risk management system with this handbook

Feeling sociable?

  • Medium
  • Twitter
  • LinkedIn

Note that some of the links on the site may contain affiliate links. These help me earn a more if you purchase anything using that link but it doesn't cost you anything extra. I've marked these with an (*)

Wondering why there’s no cookies popup? Simple. We don’t use ’em.
Instead, we use Fathom Analytics to preserve your privacy.

Powered by WordPress.com.
 

Loading Comments...