Conducting a risk assessment is a big project and, like any big project, there are a lot of things between you and success. However, there are five common risk assessment problems that crop up time and time again. These make the difference between success and failure no matter what else you do. Keep these five … Continue reading Five Risk Assessment Problems that Threaten your Next Assessment
Risks themselves aren’t objective or subjective. It’s how we approach things that makes risks subjective or objective.
Two major events are going to happen in the US within the next five years. One is a replay of the US subprime mortgage collapse which spawned the 2008 financial crisis. The other will occur when the bubble of college debt bursts. Both events - one of which may well trigger the other - will cause massive … Continue reading This time it isn’t different
September is a great month for getting things done. Wherever you are, the summer / winter doldrums are over and you are full of energy after summer vacation or now that spring has sprung. And if you have any plans to build or update your enterprise risk management system by the end of the year, this might be your last chance to get started.
We often say ‘the devil is in the detail’ meaning that it is the small things that will catch us out. But sometimes the problem begins by looking at the details in the first place. Don’t get me wrong, I’m a fan of details. I believe the more planning and specificity you can put into … Continue reading The devil is the detail
“The first rule of snakes [problems] is, if you see a snake, you kill it….Just take care of it” (Jim Barksdale, former CEO, Netscape). It’s rare for an event to be truly unexpected. We know that our personal habits affect our health. We know that incorrect use of tools and machinery can cause injury. We … Continue reading If it looks like a duck (or a snake)….
This post originally appeared on Quora in response to the question 'What is a risk mitigation plan?' What is a risk mitigation plan? The risk mitigation plan is a series of specific actions or steps you will take in response to a risk once you have completed your risk assessment. However, before you start … Continue reading What is a risk mitigation plan?
This post first appeared on Quora in response to the question 'How do you convince people to take a risk in a company?' How do you convince people to take a risk in a company? Firstly, I don’t think we should ever push people to take risks that 1) they are uncomfortable with and … Continue reading Convincing people to take risks
This post originally appeared on Quora in answer to the question "How does risk management fit in security risk management profession?" How does risk management fit in security risk management profession? Ideally, a security manager will use a risk management foundation for their security management system. This will help integrate security risks into the … Continue reading Risk management and the security manager – a quick note
Summer's here* which means it's time for a change of pace and a chance to try something different for a couple of months. So instead of the normal longer-form pieces or interviews, I am going to stick to nice, short pieces for the next month or two. Perfect, bite-sized risk nibbles to keep your risk … Continue reading Summer shorts