IT risk management – A business-driven approach presented at 44Con 2011

by George Quigley

Summary: This talk will define IT risk management and explore how it relates to business objectives and what it should aim to achieve. So many organisations still fail to get the risk-reward trade-off right, but simply throwing money at the problem won’t work.
Topics covered will include the increasing importance of IT risk management, IT risk governance, making the business case for IT risk management, risk prioritisation and dealing with conflicting requirements, the economics of security and the importance of communication.
Using a risk assessment workshop that BDO carried out for a client following a serious security breach, George Quigley will demonstrate the linkages between understanding risks and preventing real-world breaches.