The Other Half: Business Process Evaluation as Risk Management

Wednesday, March 14 | 4:40PM–5:30PM | Room 554
Session Type: NC12
An important and frequently underrecognized factor that impacts the overall effectiveness of an information security program within an organization is the fact that risk management and business process evaluation are inextricably linked. To truly reduce risk, asset determination must consider a comprehensive approach to risk management involving sensitive process flows between systems, users, customers, and business partners. Attendees will be able to devise a methodology for developing a practical and effective merged risk assessment and business process evaluation program and design homegrown technological solutions to aid the information security practitioner in the program's execution.


  • Sarah Pruski

    Information Security Officer, Harvard Graduate School of Education, Harvard University