Controlling and Managing Risk

Risk management plays a crucial role in helping organizations protect and secure their information assets. Effective risk management programs are a significant component of any IT security program. This article will discuss the role of risk management, including the identification, assessment, prioritization and diffusion of risks.

Risks, Threats & Vulnerabilities

Risk is often confused with other related terms and concepts. The lines between risks, threats and vulnerabilities are sometimes confused. Further, the terms “risk assessment” and “vulnerability assessment” are frequently used interchangeably, though they have very different applications.

The term “risk” is defined as the impact that could result from vulnerability, or the [...]

Share
August 10th, 2010 | Tags: , , , , , , | Category: CIPP, Information Security | Leave a comment

Common Risks Impeding the Adequate Protection of Government Information

In 2007, the Department of Homeland Security an Office of Management and Budget, along with the Presidential Identity Theft Task Force, investigated information privacy and security practices in the United States Government. They developed a report called the Common Risks Impeding the Adequate Protection of Government Information (pdf)which included a list of ten common mistakes made by U.S. departments and agencies and provided recommendations for new practices to be implement to eliminate and reduce security [...]

Share
March 22nd, 2010 | Tags: , , , , , , , , , , , , , , , , , , , , | Category: CIPP, Compliance & Regulations, Privacy | Leave a comment