Defining your information security risk tolerance level is THE essential step for any security professionals looking to mature their security program beyond reactive technological controls. This storyboard will walk you through the steps necessary to use Info-Tech's methodology in defining micro and macro risk tolerance levels. The storyboard includes the following sections:

  • Define an executive risk function to ensure defined responsibility and accountability for risk tolerance
  • Evaluate your organizational culture and informal risk appetite
  • Evaluate risk scenarios to determine your micro risk tolerance level
  • Optimize the sensitivity of your risk tolerance screening test
  • Define macro risk tolerance level and risk aggregation methods

Also In

Define the Information Security Risk Tolerance Level

Your best guess at what’s needed doesn’t cut it anymore.

Related Content

Hide Details

Search Code: 82309
Published: December 1, 2016
Last Revised: December 1, 2016


1 Download

Define the Information Security Risk Tolerance Level – Sample
Get Instant Access
To unlock the full content, please fill out our simple form and receive instant access.