One of the most important responsibilities of the information security professional (or any IT professional, for that matter) is to help management make well-informed decisions. Unfortunately, this has been an illusive objective when it comes to risk.
Tag: risk management
Operational Resilience through Managing External Dependencies
These days, organizations are rarely self-contained. The challenge here is how to manage the dependencies your operations have on factors that are outside your control. The Open Group’s Dependency Modeling (O-DM) standard specifies how to construct a dependency model to manage risk and build trust over organizational dependencies between enterprises – and between operational divisions within a large organization.
Creation of a strategy for the consumption and management of Cloud Services in the TOGAF® Preliminary Phase
In a previous article, “Cloud Computing requires Enterprise Architecture and TOGAF 9 can show the way,” I described the need to define a strategy as an additional step in the TOGAF 9 Preliminary Phase. This article describes in more detail what could be the content of such a document, specifically, what are the governance activities related to the Consumption and Management of Cloud Services.
Security Forum Completes Third & Final Phase of Risk Management Project: Cookbook for ISO/IEC 27005:2005
We created the Cookbook for ISO/IEC 27005:2005 for anyone tasked with selecting, performing, evaluating, or developing a risk assessment methodology. I can say with confidence that we have met our goals in creating comprehensive and needed guidance and standards in the area of risk analysis.
PODCAST: Impact of Security Issues on Doing Business in 2011 And Beyond
Listen to our recorded podcast on how enterprises need to change their thinking to face cyber threats, or read the transcript. The podcast was recorded by Dana Gardner of Interarbor Solutions at The Open Group Conference, San Diego 2011.
Open Group conference next week focuses on role and impact of enterprise architecture amid shifting sands for IT and business
The Open Group Conference, San Diego: I’ve found these conferences over the past five years an invaluable venue for meeting and collaborating with CIOs, enterprise architects, standards stewards and thought leaders on enterprise issues. It’s one of the few times when the mix of technology, governance and business interests mingle well for mutual benefit.