The Risk Dr ®

Category: Risk Reporting

Learning From Other’s Mistakes

I wrote this piece after I read one person’s take on the relationship between near misses and audit findings. I wanted to reflect my thinking on the matter in a way that gave risk organizations a useful function to pursue after an incident. You can read about the role that your near misses (and other’s)…

16 January 2023

·

@ISACA, Data, ISACA, Metrics, Risk, Risk Reporting
The Future of Quantitative Cyber Risk Reporting

In my latest piece for the @ISACA newsletter, I address the US SEC’s interest in enhancing the cyber risk reporting requirements. The SEC has asked for feedback on this matter from the public. I used my feedback to them in the writing of this piece.

22 June 2022

·

@ISACA, Risk, Risk Communication, Risk Profession, Risk Reporting