PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
March 2004

Implementing a better operational risk management framework

Critics and pundits frequently charge infosecurity with having the same level of scientific rigor as witch doctoring -- in other words, lacking governance. Both witch doctoring and infosecurity have elaborate tradition and ritual intended to exorcise hostile forces, and both find it difficult to provide credible evidence that they're beneficial. Practitioners often make a good show of it, but you'll likely find a little man pulling levers and shouting into a microphone if you look behind the curtain. A number of occupations considered more "mainstream" and "mature" approach risk in equally unproductive ways. Lawyers and accountants, for example, are preoccupied with preventing and recovering from undesirable events. While they've certainly had some success, they don't demonstrate a consistently methodical approach to risk management. Ask a contract lawyer to analyze a business agreement, or an accountant to look at a set of books, and you'll usually get an awkwardly long laundry list of things that could go wrong. What you won't...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

Columns in this issue

  • The security improvements of Microsoft ISA Server 2004

    by  Victor R. Garza

    In an effort to bolster its security image, Microsoft is going to release its ISA Server 2004 later this year. Here you will learn about the security improvements of Microsoft ISA Server 2004.