risk management

Information Security Risk Assessments

Information security risk assessment is an integral process in developing an effective information security management system. Unless the organization understand and document the information security status or the information security…

Binoy KL January 19, 2012

Risk Management

IT Risk Management

Risk Management is a key term we keep discussing every now and then when we talk about information security. It often is the closing aspect of the identified risks. Risk…

Binoy KL December 31, 2011

Risk Management

New guidance on risk appetite

Risk appetite today is a core consideration in any enterprise risk management approach. As well as meeting the requirements imposed by corporate governance standards, organisations in all sectors are increasingly…

Binoy KL September 27, 2011

Cyber Security

Building an Information Security Plan

Building a comprehensive Information Security plan requires a detailed understanding of the business and the related requirements. An Information Security plan should ensure that the business requirements are captured and…

Binoy KL January 11, 2011

Risk Management

Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach.

NIST has recently released the final publication of the "Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach". This NIST special publication (NIST…

Binoy KL March 9, 2010