The rat race of vulnerability management
Patch management is one among the major IT Security concerns most of the organizations are worried about. It is practically not possible to have a 100% of the IT infrastructure…
Posted inRisk Management
Information Security Risk Assessments
Information security risk assessment is an integral process in developing an effective information security management system. Unless the organization understand and document the information security status or the information security…
Posted inRisk Management
IT Risk Management
Risk Management is a key term we keep discussing every now and then when we talk about information security. It often is the closing aspect of the identified risks. Risk…
Posted inRisk Management
NIST Guide for Conducting Risk Assessments
NIST has updated the Guide for Conducting Risk Assessments (NIST Special Publication 800-30) to a great extent and the draft is publicly available for comments. The focus of this Guidance…
Posted inRisk Management
New guidance on risk appetite
Risk appetite today is a core consideration in any enterprise risk management approach. As well as meeting the requirements imposed by corporate governance standards, organisations in all sectors are increasingly…
Posted inRisk Management
Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach.
NIST has recently released the final publication of the "Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach". This NIST special publication (NIST…