 |
| Business Risk Management
Consulting Services
|
| Organizations do not buy security... they invest in business risk management; risk management is the business driver behind all security efforts.
|
|
Keith D. Willett, MScIA, CISSP, ISSAP
Mr. Willett has 25+ years experience in information technology (IT), security, consulting, and business planning. Moreover, Mr. Willett is a certified and experienced information security professional with degrees in Computer Science, Business/Information Systems, and Information Assurance (IA) plus experience in IA architecture, enterprise architecture, systems engineering, and project management.
|
Business Risk Management Compliance Management Compliance Assessment / Audit Preparation Information Assurance Programs Business Contintuity & Disaster Recovery Emergency Preparedness RFP Preparation & Response
|
|
The Norwich University Journal of Information Assurance (NUJIA) contains many quality resources on IA issues including:Litigation Management as Part of a Comprehensive Compliance Management Program - A Perspective on the Federal Sentencing Guidelines Chapter 8 Sentencing of Organizations & An Interpretation With Respect To HIPAA Final Security Rule by Keith D. Willett, MScIA, CISSP, ISSAP.
The motivation behind information assurance (IA) is managing business risk. Business risk management, along with many other aspects, includes the need for compliance management. Compliance management is a preventive approach that attempts to mitigate the risk of violating a compliance requirement (e.g. legislation, regulatory, instruction, or directive). However, despite best efforts, there remains the potential of a judge or jury finding the organization guilty of a violation.
|
|
|
|
 |
