Manage Operational Risk Like a Bank!
Eric Tompkins, Principal Consultant : 08 June 2009 / 11:59 AM : 4 
Security leaders often find themselves responsible for the management of organizational risks beyond those traditionally thought of as the purview of security. In past years, security was confined to the application and operation of controls to reduce vulnerabilities. The current risk environment exposes businesses and government agencies to threats never before perceived. This has resulted, many times, in the governing bodies of organizations incorrectly pushing the responsibility for business risk management to the practitioner level. This is a mistake because only governance bodies have the authority to manage business risk.
One major class of business risks is Operational Risk. While there is no one “correct” definition of operational risk, it may be easiest to thi...
Tagged: Business Continuity Business Impact Analysis Disaster Recovery Governance Risk and Compliance Information Security Physical security Risk management Security maturity
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
|
|