May 28, 2010 “Impact” is not a Metric I never like to see the term ‘impact’. Its not a metric. I discuss how length, temperature, weight, are metrics whereas speed, acceleration, entropy…
May 22, 2010 Risk Analysis Makes No Sense … does it? Image via Wikipedia Take a look at this article. http://www.zdnet.com/blog/security/security-engineering-broken-promises/6503 You’re back? What did you think of it? OK, now look again, scroll down…
May 19, 2010 Risk is Not a Primary Metric “Risk” is not a primary metric. What do I mean by that? Primary metrics you can measure easily. In physics they are things like…
May 19, 2010 The Classical Risk Equation What we had drilled into us when I worked in Internal Audit and when I was preparing for the CISA exam was the following…