Roundtable: Practical strategies for enterprise-wide risk management

Andrew Briney Published: 02 Jun 2003

Conversation: Four CISOs explore practical strategies for enterprise-wide risk management, from classification to assessment to monitoring to response.

Participants:

RON BAKLARZ, Chief Information Security Officer, American Red Cross
ROBERT GARIGUE, Chief Information Security Officer, Bank of Montreal Financial Group
LESTER JOHN, Assistant Vice President of Security, Fleet Securities
BOB WYNN, Chief Information Security Officer, State of Georgia

INFORMATION SECURITY MAGAZINE (ISM): Risk assessment is a fundamental responsibility for infosecurity managers. There are lots of formal models for this--annualized loss expectancy (ALE), cost/benefit analysis, Six Sigma, etc. How comprehensive should a risk assessment be, and should the CISO always follow a formal model?

ROBERT GARIGUE, BANK OF MONTREAL: The CISO probably has the best perspective on technical risks. But their perspective gets a bit murky when it comes to the total picture of operational risk, where the company has to deal with things like legal issues and regulatory procedure. So it's important for ...
