This post originally appeared on Quora in response to the question 'What is a risk mitigation plan?' The risk mitigation plan is a series of specific actions or steps you will take in response to a risk once you have completed your risk assessment. However, before you start … Continue reading What is a risk mitigation plan?
This post first appeared on Quora in response to the question 'How do you convince people to take a risk in a company?' Firstly, I don’t think we should ever push people to take risks that 1) they are uncomfortable with and … Continue reading Convincing people to take risks
I have been thinking about effective crisis management a lot recently and am working on a more in-depth piece on managing a crisis, which I hope to publish soon. However, crises don't wait until we are properly prepared before they strike, so I put together this quick set of suggestions as a stop-gap. Normally, I wouldn't … Continue reading 10 Tips For Crisis Management
Enterprise security risk management (ESRM) has been a topic of increasing interest for security managers over the past few years. ASIS International has identified it as a strategic focus. However, after a review of the literature, beginning with the 2010 CSO roundtable paper on ESRM, two issues are raised that could make ESRM implementation difficult. … Continue reading A KISS Approach to Enterprise Security Risk Management
Integrating a risk management system into your department or organization will be a major endeavor, and while there are significant benefits to making this change, the degree of effort required should not be underestimated. Moreover, the overall workload of the organization and other major initiatives that might also be underway are major considerations when planning … Continue reading Integrating a Risk Management System into Your Organization