Peter Fowler Introduction To Risk Management Presentation Handout 2014
26 September 2014
Peter Fowler CPPD
“There are “known knowns”. [These are things we know that we know.]
There are “known unknowns”. [That is to say, there are things that we know we don't know.]
But there are also “unknown unknowns”. [There are things we don't know we don't know.]”
Donald Rumsfeld (Feb 12, 2002)
There may be residual information security risks where the agency has:
• elected to accept a risk by doing nothing, or
• adopted a mitigation strategy that does not completely eliminate a risk.
Process from AS/NZS ISO 31000:2009
Common failures when managing risks
• Not establishing the context:
  • Misunderstanding organisational attitudes and risk appetite