Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC Jobs Cisco Partner Summit Digital 2020 Lenovo Tech World Newsroom Dell Technologies World Digital Experience 2020 HPE Zone Masergy Zenith Partner Program Newsroom Dell Technologies Newsroom Fortinet Secure Network Hub Hitachi Vantara Digital Newsroom IBM Newsroom Juniper Newsroom The IoT Integrator Lenovo Channel-First NetApp Data Fabric Intel Tech Provider Zone

The 10 Most Important Things A Company Needs In Its Risk Management Plan

Risk management has often focused too narrowly on just the IT department, failing to account for risks associated with business processes in other areas. Here's a look at what every company needs to have in their plan.

Back 1 ... 6   7   8   9   10   ... 11 Next

Probe Why Things Went Wrong

Risk management plans should not only measure risk, but also examine the impact of incidents where bad things happened, according to Optiv's Robinson. This diligence function should result in better management of each level of the risk management life cycle, Robinson said.

The diligence function should look for very specific controls—such as updated endpoint security on a laptop— and be able to articulate to the board and C-suite what the presence or absence of these controls means, Robinson said.

Explaining to nontechnical leaders why it's good to see certain controls in place is a form of process maturity in and of itself, Robinson said, and while it's driven by data and numbers, the functionality needs to go beyond just looking at the figures. Painting with broad brushstrokes makes it easier for leaders of an organization to understand what is and isn't working, according to Robinson.

Back 1 ... 6   7   8   9   10   ... 11 Next

sponsored resources