risk science « The New School of Information Security

Posts Tagged “risk science”

ISACA CRISC – A Faith-Based Initiative? Or, I Didn’t Expect The Spanish Inquisition

by alex on July 2, 2010

In comments to my “Why I Don’t Like CRISC” article, Oliver writes: CobIT allows to segregate what is called IT in analysable parts. Different Risk models apply to those parts. e.g. Information Security, Architecture, Project management. In certain areas the (…)

Read the rest of this entry »

6 comments • Tagged as: CRISC, risk, risk analysis, risk management, risk modeling, risk science
Share on Twitter, Facebook, Delicious, Digg, Reddit

For Blog/Twitter Conversation: Can You Defend “GRC”?

by alex on December 15, 2009

Longtime readers know that I’m not the biggest fan of GRC as it is “practiced” today. I believe G & C are subservient to risk management. So let me offer you this statement to chew on: “A metric for Governance (…)

Read the rest of this entry »

15 comments • Tagged as: GRC, metrics, risk management, risk modeling, risk science, Science of Risk Management, security management, Security Models
Share on Twitter, Facebook, Delicious, Digg, Reddit

Rich Mogull’s Divine Assumptions

by alex on November 13, 2009

Our friend Rich Mogull has an interesting post up on his blog called “Always Assume“. In it, he offers that “assumption” is part of a normal scenario building process, something that is fairly inescapable when making business decisions. And he (…)

Read the rest of this entry »

Leave your comment • Tagged as: Rich Mogull, risk management, risk science, Science of Risk Management
Share on Twitter, Facebook, Delicious, Digg, Reddit

Posts Tagged “risk science”

ISACA CRISC – A Faith-Based Initiative? Or, I Didn’t Expect The Spanish Inquisition

For Blog/Twitter Conversation: Can You Defend “GRC”?

Rich Mogull’s Divine Assumptions

Search

What You’ve Said

Tag Cloud

Archives