Risk should be objectively identified.
This implies establishing timing and scope in such a way that best supports the decision situation which triggered this SRA.
We must also capture the most important risk components and successfully construct combinations which constitute the most relevant risks within scope.
Objectivity in risk identification requires complete knowledge of our system as well as existing threat sources and vulnerabilities plus unlimited creativity and a total lack of bias.
(some of) my events
- 2023-11-16 Psychological perspectives on understanding human decision-making in situations involving risk and uncertainty (attending symposium, Stockholm)
- 2023-08-23--24 Riskbaserat arbetssätt (teaching course, Stockholm)
- 2023-05-30 Informationssäkerhet och risk (pod interview in Swedish)
- 2023-05-11 Certifierad IT-arkitekt (guest lecturing, Stockholm)
- 2022-12-05 Datavetenskapliga programmet (guest lecturing, University of Gävle)
Subscribe to:
Posts (Atom)
20230802