There are different kinds of risk. Some are desirable. Doing business means taking risk to make money. The risk appetite will vary between companies and over time.
Other risks represent things going wrong in a company's everyday activities. We call them operational. You won't have an appetite for them. Instead, we talk of risk tolerance. When do you decide to close a factory, do things differently to avoid the potential cost? Operational risks are risks you don't want. Infosec risks among them.
(some of) my events
- 2019-04-09--11 Operativ informationssäkerhet (teaching course, Stockholm)
- 2019-03-06--08 Strategisk informationssäkerhet (teaching course, Stockholm)
- 2019-01-29 Certifierad informationssäkerhetsarkitekt, del 1 (co-teaching course, Stockholm)
- 2018-12-13 Datakommunikation och IT-säkerhet (guest lecturing, Högskolan i Gävle)
- 2018-12-05--07 Teknisk informationssäkerhet (teaching course, Stockholm)