A CISO guide to effective risk assessment

This briefing is based on the findings of a cross-industry task force of CISOs and their staff who shared their challenges and best practices for developing and conducting risk assessments, both to meet compliance requirements and to promote a "culture of risk" in their organizations. Topics discussed include: (1) guidance for evolving a risk management program from "good" to "better" to "best," (2) criteria for selecting and using a risk assessment methodology, (3) the components of an industry-accepted risk assessment methodology, (4) the composition of a risk register, (5) developing management-approved risk acceptance criteria, and (6) tips for improving risk mitigation.
Supporting tools demonstrated during the meeting include: (1) a risk management maturity self-assessment, (2) an ISO 27001:2022 Information Security Management System (ISMS) risk assessment/treatment standard, and (3) an ISMS risk assessment workbook.

Join the Task Force meetings, where the members share the visuals and key insights that will help you improve the effectiveness of your risk assessments.

Speakers:
Lou Klubenspies, CISO, PerkinElmer
Rich Nagle, CISO, Ohio State University
Richard Rushing, CISO, Motorola Mobility
Michelle Amanti, DuPage County