We started our series on risk management a few weeks ago by introducing the concept of risk. One of the general stereotypes about risk is that it lacks some discreteness of security compliance–it doesn’t lend itself to checklists or paint-by-numbers approaches. This is, overall, a good thing, but can prove challenging for enterprises not ready for it.
Here, we wanted to discuss something that many don’t associate with risk management–visualization and analytics. While risk is a human-driven process overall, decision-makers would do well with a set of easily digestible information to help foreground risk as a measurable process.