I recently wrote this piece for ISACA on business process maps. Clearly, this is tongue in cheek – there are a lot of benefits to building a map of business processes and for a security professional, these maps can become the basis of lots of security and risk reporting. You can read my thoughts onContinue reading “Business Process Maps are Boring”
Category Archives: Taxonomy
Article on Cyber Risk Taxonomy on Risk.Net
I wrote a piece for risk.net that discusses techniques for integrating a cyber risk taxonomy with an operational risk taxonomy. It’s behind a paywall, so apologies for that up front, but they do have a free trial. Its a great article for those that are struggling with aligning the need for cyber risk granularity withContinue reading “Article on Cyber Risk Taxonomy on Risk.Net”
The Risk Dr ® 