af Malte Spence | feb 21, 2023 | Risiko, Viden
The International Standards Organization recently published an updated version of their guidance for information security risk management, but they have missed the mark entirely on quantitative methods. The ISO/IEC-27005 is one of the key standards published under the...
af Malte Spence | feb 17, 2023 | Risiko, Sikkerhed, Viden
An important step in any IT risk management process is to clearly define the information assets in scope. But what is an information asset really? How can you best describe your important information assets? And why is it so important to spend time on establishing a...
af Malte Spence | jan 10, 2023 | Risiko, Viden
Inherent risk… residual risk… current risk? When your risk manager or regulatory affairs asks about your “inherent risk”, it highlights a fundamental flaw in qualitative risk assessments. Here’s why – and how to fix it. Although most of us engage in some form of...
