Latest Research

DATA & BI Dec 04, 2023

Prepare for AI Change – Training for Business Leaders

Develop your initial Gen AI roadmap.

CIO & STRATEGY Dec 04, 2023

Exponential IT Keynote

Lean into the curve.

APPLICATIONS Dec 04, 2023

Evolve Your Software Development Lifecycle Into a Solution Delivery Lifecycle

It’s "solution delivery," not "software development."

INF & OPS Nov 30, 2023

Align Backups With Your Data Protection Requirements

Making a copy of your data does not always result in data protection.

CIO & STRATEGY Nov 29, 2023

Develop Your IT Leadership Team’s Financial Literacy

Start thinking and talking like a business leader.

INF & OPS Nov 29, 2023

Implement Hardware Asset Management

Build a process to track assets across their entire lifecycle.

INF & OPS Nov 22, 2023

Build a Service Desk Consolidation Strategy

A consolidated service desk not only drives more efficient service but is the foundation for optimization and innovation.

APPLICATIONS Nov 17, 2023

Get Started With AI in Requirements Management

Leverage AI to improve your requirements practices, not replace them.

INDUSTRY COVERAGE Nov 16, 2023

Use Artificial Intelligence and Machine Learning to Improve Population Health Outcomes

A high-level AI primer for public health practice.

INDUSTRY COVERAGE Nov 15, 2023

The New Power of Accountable Care Organizations

The role of health insurance payers, healthcare services providers, and public health organizations in the migration from fee-for-service to value-based care in pursuit of Quadruple Aim optimization.

See all new content

Define the Information Security Risk Tolerance Level

Your best guess at what’s needed doesn’t cut it anymore.

Book This Workshop

Making risk decisions without a clearly defined risk tolerance can result in:

  • Inadvertent acceptance of dangerous risks
  • Spending security funds on ineffective controls
  • Ambiguous security risk responsibilities

Clear understanding of risk tolerance leads to:

  • Informed risk decisions
  • Efficient and effective rationale for security spend
  • Clearly assigned risk functions

Book Your Workshop

Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.

Book Now

Module 1: Assess the Risk Culture and Responsibilities

The Purpose

  • Discuss the general business requirements and obligations towards risk.
  • Understand and agree on risk responsibilities and duties.
  • Define and discuss security assumptions for frequency/impact.

Key Benefits Achieved

  • Clear understanding of risk language and responsibilities across the organization
  • Defined risk statement and IT mandate

Activities: Outputs:
1.1 Define the security executive function RACI chart.
  • Defined IT mandate
1.2 Assess employee and management risk culture.
  • IT and Business Leadership Alignment Report
1.3 Standardize impact and risk assumption terminology.
  • Information Security Risk Statement
1.4 Define risk requirements and risk frequency/impact thresholds.
  • Business Leadership Communication and Reporting Plan

Module 2: Define Risk Tolerance

The Purpose

  • Use risk definitions and understanding to define micro risk tolerance.
  • Define and discuss organizational risk tolerance for collective macro risk, and high-level strategy for macro risk management.

Key Benefits Achieved

  • Quantified definition for micro risk tolerance
  • Quantified methodology for risk impact analysis
  • Understanding and management method for macro risk

Activities: Outputs:
2.1 Perform risk scenario assessment.
  • Risk Tolerance Determination Tool
2.2 Define and discuss organizational micro risk tolerance.
2.3 Define and discuss macro risk tolerance and macro risk management methodology.

Book this workshop now to accelerate your IT projects

Book Now
Visit our IT Cost Optimization Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019
© Info-Tech Research Group | Terms of Use | Privacy Policy