A Consolidated Approach to Risk and Standards Management
This session will offer an overview of the tools and techniques we use at Ohio University to address our information risk and standards management. We will include an overview of the tool we use to capture risks as identified through the Factor Analysis of Information Risk (FAIR) process, as well as using NIST 800-53 for our controls implementation and modeling. If you are just starting a program in standards and risk management, this may give you an excellent place to begin!
Understand how to capture risks and their associated metrics to present to senior management * Understand how to capture controls and their associated metrics to present to senior management * Learn about an approach and tool you can use to tie together risk and standards management
Chief Information Security Officer, University of Massachusetts Amherst