Risk Management for the Enterprise–How Do You Get Executives to Care About Your Risks?
Software Engineering Institute
Risk managers must often sift through the cacophony of demands for resources and advocacy to identify a diverse set of risks to include in their organization’s risk register. These managers of cyber risk face this problem when trying to prioritize risks within the scope of their function, only to then turn to executives and justify the need for resources.
OCTAVE FORTE, a new and upcoming Enterprise Risk Management (ERM) process model developed by Carnegie Mellon’s CERT Division of the SEI, provides a scalable and standardized process that assists managers with the policy guidelines and tools necessary for identifying risks and justifying the resources needed for the organization’s proper response to them.
Attendees at the OCTAVE FORTE webcast learn more about the new OCTAVE FORTE process and about a report, Advancing Risk Management Capability Using the OCTAVE FORTE Process, due this Fall. More specifically, attendees can expect to learn about the fundamental steps of the process and how they might apply them in their own organization.
About the Speaker
Matthew Butkovic is the Technical Director of the Cyber Risk and Resilience Assurance Directorate in the CERT Division of the Carnegie Mellon University Software Engineering Institute (CMU SEI).
Matt performs critical infrastructure protection research and develops methods, tools, and techniques for evaluating capabilities and managing risk. This includes addressing the …