Knowledge

What’s the fun in that?

What’s the fun in that?

The last couple of years have reminded us of how dangerous and fluid the world is. It's become our new normal. War in Europe, climate changes, macroeconomic problems and cyber attacks are just some of our society's issues.  Now, in Denmark, we talk a lot about...

Give me a number!

Give me a number!

People are often asked about estimates in investments, the opening of new business areas, projects and budgeting. The estimates given are subject to uncertainty. No one can tell the exact amount, time etc., that will occur in the future.  Despite this...

The simplest risk metrics that we just can’t agree on

The simplest risk metrics that we just can’t agree on

Inherent risk… residual risk… current risk? When your risk manager or regulatory affairs asks about your “inherent risk”, it highlights a fundamental flaw in qualitative risk assessments. Here’s why - and how to fix it. Although most of us engage in some form of risk...

When a robot gives better estimates than a human

When a robot gives better estimates than a human

For organisations with many (several hundred) systems, quantitative IT risk management can be likened to a window cleaner being asked to clean the United Nations headquarters in New York. He will never finish before the first couple of windows need cleaning again. The...

The organisation’s dripping faucets

The organisation’s dripping faucets

A clear agenda for the organization is: "Understand and reduce the risk of cyber-attacks". The management and the board have gradually joined the agenda and understand that we are dealing with a risk that they must deal with. We estimate that cyber can cause extreme...

A guide to a simple probabilistic risk assessment

A guide to a simple probabilistic risk assessment

When you assess IT-risk, you want to understand the probability of certain risk scenarios together with their potentiel loss in monetary values. This is where quantitative solutions come handy. How does a quantitative risk assessment work? How do I get started with...

Why and how to determine the risk appetite

Why and how to determine the risk appetite

A skilled offshore engineer with whom I collaborated gave me a very concrete example of the application of risk appetite. The height of a drilling platform is set according to legislation and standards but also according to the company's risk appetite. How big a wave...

Læs alle vores indlæg