Posts Tagged “risk analysis”

ISACA CRISC – A Faith-Based Initiative? Or, I Didn’t Expect The Spanish Inquisition

by alex on July 2, 2010

In comments to my “Why I Don’t Like CRISC” article, Oliver writes: CobIT allows to segregate what is called IT in analysable parts.  Different Risk models apply to those parts. e.g. Information Security, Architecture, Project management. In certain areas the (…)

Read the rest of this entry »

Measuring The Speed of Light Using Your Microwave

by alex on June 21, 2010

Using a dish full of marshmallows.  We’re doing this with my oldest kids, and while I was reading up on it, I had to laugh out loud at the following: …now you have what you need to measure the speed (…)

Read the rest of this entry »

Can quantitative risk estimation serve as a guide for every-day policy decisions?

by Russell on December 5, 2009

A methodology is presented for guiding individual policy decisions from a risk management perspective, using a form of “abduction validation”. An example is presented using the case of password change policy, drawing from recent blog discussions.