Risk and Security Blog

Being Prepared and Risk Informed

Ultimately, the justification for adopting a pre-emptive and proactive approach must be to enable better risk-informed decision-taking. A comprehensive evaluation of cyber risk requires a meticulous approach to mapping an organisation’s assets and processes before modeling risk against them, and there are few methodologies that are fully evolved to accomplish this.
Posted: 28 November 2013 by Optimal Risk Admin | with 0 comments

Prepared for Anything? Really?

Good management practice and preparedness really requires the ability to anticipate events long before they happen, and develop a planned response to each scenario. In developing and refining capabilities, managers need to be able to regularly review flaws in plans and road-blocks to effective performance through drills. This should run counter to any tendency to over-simplify plans and procedures, as the threats are increasingly sophisticated.
Posted: 23 July 2013 by Optimal Risk Admin | with 0 comments