Taking a Business Risk Portfolio (BRP) Approach to Information Security

  • Friday, April 24, 2015 | 11:20 AM – 12:10 PM | West | Room: 2008

View all Sessions

Many business executives mistakenly seek to reduce information security risk to zero. This is both impossible and wrongheaded. A better approach is to position InfoSec risk appropriately within a business risk portfolio, and manage and mitigate accordingly. This session provides a blueprint for crafting a BRP and embedding Infosec within it.


This document was retrieved from on Tue, 11 Dec 2018 09:07:10 -0500.