The big debate: control compliance vs. risk management

By CIO - 2021-03-09

Description

Industry-standard security frameworks are important, but they also need to align with the rest of your organization's risk management practices.

Summary

control compliance vs. risk management Industry-standard security frameworks are important, but they also need to align with the rest of your organization's risk management practices.
By using an industry best-practice framework to assess controls, there is at least the comfort of knowing that the controls assessed are those broadly required to protect certain security domains.
The technology risks are articulated in the same manner as every other department within the firm, and most importantly.
While the information security governance manager is running a robust program to ensure appropriate application of controls within information security, the technology risk manager sits across the entire technology department, always asking the question, “What does this mean for the business?”

Topics

Security (0.18)
Management (0.14)
Backend (0.09)

Similar Articles

Deloitte BrandVoice: Managing Risk Successfully Requires a People-First Approach

By Forbes - 2021-02-26

Due to the proliferation of disruptive technologies, the role of the risk manager has taken on a new meaning and requires new skills. Companies need to refocus their efforts on embedding risk manageme ...

Peaks and Valleys: The Mental Health Side of Cybersecurity Risk Management

By Security Intelligence - 2021-02-02

Find the latest security analysis and insight from top IT security experts and leaders, made exclusively for security professionals and CISOs.

Future Attacks Against Cyber Connected Cars

By secureworldexpo - 2021-02-28

Cyber threats to connected cars grows as the progress to autonomous vehicles continues.

Managing technical risk

By leaddev - 2021-02-16

Understanding the motivations behind an engineer’s desire to affect your tech stack

Four Steps to Business Model Innovation

By INSEAD Knowledge - 2020-11-17

Success in this new era of accelerated disruption requires a holistic approach to technology.

Best Practices for Managing Cyber Risks in a Cyber World

By The National Law Review - 2021-02-24

Each work-from-home employee represents a potential entry point for cyber threats. Given how rapidly businesses had to transition during the pandemic, they also had limited, if any, time for standard ...