INFORMATION

Site Map - Risk Management

Is There a Business Case for IT Security?

- To ensure adequate IT funding, security must sell management on the potential benefits of the proposed purchases.

Responders, Private Sector Incommunicado

-  The survey was conducted by The United States Conference of Mayors to determine the level of interoperability between jurisdictions and agencies, to identify obstacles that exist, and to gauge how much funding cities are receiving--or need to receive--to make interoperability ubiquitous.

Leading Edge

- To prove security's worth, managers must communicate security's value to every facet of the organization.

Did You Know That?

- A dissertation published by the RAND Corporation assesses the risk of chemical terrorism in Los Angeles and discusses how emergency responders should plan for such an event. It also considers "low-cost options in equipment, training, organization, and doctrine that could improve the response to a chemical terrorist event." @ Link to the dissertation or abstract via SM Online.

Taking Risk Assessments to Extremes

- Property owners and security professionals should look at risk assessment in a holistic context, according to a new report prepared at the University of Pennsylvania's Wharton School on behalf of the Building and Fire Research Laboratory at the National Institute of Standards and Technology (NIST). Read the NIST report, Risk Analysis for Extreme Events: Economic Incentives for Reducing Future Losses .

Vulnerable infrastructure

- Federal agencies are not consistently implementing the basics of information security, such as performing periodic risk assessments, developing and maintaining up-to-date security plans, creating and testing contingency plans, and evaluating and monitoring the effectiveness of security controls, according to a report from the Government Accountability Office (GAO). @ Protecting the Federal Government's Information Systems and the Nation's Critical Infrastructures is at SM Online.

Homeland security

- A bill (S. 308) introduced by Rep. Frank Lautenberg (D-NJ)would require that homeland security grants be given out only based on assessments of risk, threat, and vulnerability.

What Ails Transportation Security?

- Risk managers, continuity planners, and security consultants fill the ranks during& transportation security discussions. What’s missing are transportation professionals.

Nuclear fuel storage

- The National Academics explore the risks.

On a Mission to Merge

- Bringing diverse security functions under one umbrella makes companies more secure and is good for the bottom line. Here are some tips.

Quick Bytes: Governance best practices

- Governance, risk management, and compliance (GRC) have become buzzwords since the passage of legislation like the Sarbanes-Oxley Act. But what exactly do they mean? And how should companies promote their effective use? A white paper from The Compliance Consortium, a year-old international group working to create GRC best practices, answers these questions.

Governance best practices

- Governance, risk management, and compliance (GRC) have become buzzwords since the passage of legislation like the Sarbanes-Oxley Act. But what exactly do they mean? And how should companies promote their effective use? A white paper from The Compliance Consortium, a year-old international group working to create GRC best practices, answers these questions. In the paper the group defines seven operational concerns, from establishing policies, procedures, and controls to implementing continuing process improvement. It also provides a dozen questions for board members and senior managers to consider.  @  Governance, Risk Management, and Compliance: An Operational Approach is at SM Online.
 




Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.