I had the opportunity yesterday to speak with Ron Woerner about Risk Management… and I was so impressed and excited about the tips and advice that he shared that I decided to get this out to you right away.
Ron Woerner is an expert in information security and has spearheaded an effort to develop an effective risk management program for a large company. He agreed to speak with me about his experiences – and provides great ideas, insights and information that we can all use!
I want to thank Ron for speaking with us and for sending along some resources. Iâ€™ve actually invited Ron to present on â€œFREE SECURITYâ€ in an upcoming free teleseminar for our newsletter subscribers. Subscribe today so you donâ€™t miss the resources he is going to share.
If you enjoyed this interview, please tell a friend, colleague or other security professional — this is an important topic, and the 25 minutes Ron shared will help anyone save a lot of time and money!
Risk Management Resources
ASIS International, General Security Risk Assessment Guideline, 2003
BITS, Kalculator: Key Risk Measurement Tool for Information Security Operational Risks, July 2004
Berinato, Scott, â€œEnterprise Risk Management,â€ CIO Magazine, November 1, 2004, pp. 46-58
NIST (National Institute of Standards and Technology), Special Publication 800-64: Security Considerations in the Information System Development Life Cycle, October 2003.
Risk Management FAQ, Carnegie-Mellon Software Engineering Institute