× Welcome to SGCyberSecurity forum!

Feel free to discuss any topics relating to cybersecurity with the rest of the security community in this forum.

Topic-icon Risk mgmt policy

9 years 6 months ago #742 by o_boiboi77

Am working on a risk mgmt policy, seems very complex n wld like to consult the gurus here for some advice. =)

Please Log in or Create an account to join the conversation.

9 years 6 months ago #760 by o_penguin78

hi all. nice to discuss on risk mgmt, how often does one need to review the risk assessment policy? quarterly or annually?

Please Log in or Create an account to join the conversation.

9 years 6 months ago #761 by o_icemanssl22

I guess it come down to budget, resources, IT infrastructure and most importance, industies you are in.

You can reference to the statistics report done in US as sample and decide the review time frame:

www.hackmageddon.com/2015/05/12/april-20...-attacks-statistics/

So, some industries need more assessment regularly then the rest. Is management call.

Please Log in or Create an account to join the conversation.

9 years 6 months ago #763 by o_penguin78

OMG, so much attacks taking place! Hmm.. guess it's always wise to do regular review to ensure all controls are properly in place. stress!

Please Log in or Create an account to join the conversation.

9 years 6 months ago #766 by o_icemanssl22

When ACL is concern; remember to strike a balance in order not to affect business workflow. Happy defending.!

Please Log in or Create an account to join the conversation.

9 years 6 months ago #773 by o_moomoo77

just to share my views. risk mgmt has to be taken seriously, tis will affect business flow/operations. pay careful attention when evaluating risks and plugging it with the right mitigating controls. :)

Please Log in or Create an account to join the conversation.