Holding hands risk management

RISK MANAGEMENT

Our risk management process involves setting institutional priorities and making key decisions in regards to what is sometimes called the institution's "appetite for risk".

Primary direction in making decisions about risk acceptance needs to come from institutional leadership. Information security organizations may manage the risk management program but it's necessary to consult with institutional leadership about handling risks that cannot effectively be reduced or mitigated.

The Risk Management Framework provides useful guidance to assist with developing these processes.

Get Started