The potential benefits of risk management, in terms of security, operations and finance, too often remain unrealised by those businesses who approach cyber security merely as a ‘box ticking’ exercise.
In some quarters cyber security is focused on the production of security-related deliverables to the satisfaction of a risk manager 1 and strict adherence to control frameworks 2 in order to achieve certification. You may be led to believe that all you must do is produce a set of security documents prior to final acceptance. For example, a security case 3 incorporating a Technical Risk Assessment, Risk Treatment Plan, results from Assurance Testing and some Security Operating Procedures.
See the full report
You are seeing this because you are using a browser that is not supported. The The NDEC website is built using modern technology and standards. We recommend upgrading your browser with one of the following to properly view our website:Windows
Please note that this is not an exhaustive list of browsers. We also do not intend to recommend a particular manufacturer's browser over another's; only to suggest upgrading to a browser version that is compliant with current standards to give you the best and most secure browsing experience.