Understanding Relevant Risks

In this episode of InfoSec Insider, Wayne Armstrong, Senior Information Security Consultant and Consultant Manager at URM, breaks down the fundamentals of effective information security risk assessment and treatment.  Wayne draws upon over 30 years of experience in IT, information security and risk management to discuss:

• What ‘risk’ actually is
• How to define a risk and the three component parts that are needed for a risk to exist
• How to assign value to a risk
• How to prioritise risks and determine which can be set aside, as well as how these priorities differ between organisations depending on context
• The risk treatment options available, and the need to revisit your risk assessment.

Learn more about this topic: https://www.urmconsulting.com/blog/information-security-risk-assessment-and-treatment-understanding-relevant-risks

If you enjoyed this episode of InfoSec Insider – Talk Cyber, you can leave us a rating and review here: https://ratethispodcast.com/infosecinsider        

You can find more episodes of InfoSec Insider here: https://urmconsulting.com/podcasts      

Brought to you by URM, the UK’s leading information and cyber security specialists.