Select Page

Information Security Risk Assessments

Information security risk assessment is an integral process in developing an effective information security management system. Unless the organization understand and document the information security status or the information security risk posture, they would not be...

NIST Guide for Conducting Risk Assessments

NIST has updated the Guide for Conducting Risk Assessments (NIST Special Publication 800-30) to a great extent and the draft is publicly available for comments. The focus of this Guidance is on Risk Assessment as the risk management is covered by another guidance from...

New guidance on risk appetite

Risk appetite today is a core consideration in any enterprise risk management approach. As well as meeting the requirements imposed by corporate governance standards, organisations in all sectors are  increasingly being asked by key stakeholders, including...