In the July edition of SC Magazine, we are planning to run a feature on different approaches to risk management in the context of information security.
As part of the coverage, we would like to hear from readers about how you measure your management's tolerance for risk. And having measured it, how do you adjust your information security program to meet their tolerance level?
If you have good information to share, let us know. Equally, if you think it's a crazy question, let us know. The whole idea is to gauge how far IT security professionals have adopted the disciplines of risk management, and how they implement it.
We shall report on the responses in our July edition. If you'd prefer your comments to be reported without attribution, just let us know and we'll respect your request.
Please send responses to editor-in-chief Ron Condon at firstname.lastname@example.org, putting RISK as the subject line.