icon-carat-right menu search cmu-wordmark

An Alternative to Risk Management for Information and Software Security

Podcast
In this podcast, Brian Chess explain how standards, compliance, and process are better than risk management for ensuring information and software security.
Publisher

Software Engineering Institute

Listen

Abstract

Standard, compliance, and process are more effective than risk management for ensuring an adequate level of information and software security.

Related Course
Assessing Information Security Risk Using the OCTAVE Approach

About the Speaker

Headshot of Julia Allen.

Julia H. Allen

Julia Allen is an SEI alumni employee.

Julia Allen is a principal researcher within the CERT® Division at the Software Engineering Institute (SEI), a unit of Carnegie Mellon University in Pittsburgh, PA. Allen’s areas of interest include operational resilience, security governance, and measurement and analysis. Prior to this technical assignment, …

Read more