Challenges to sustainable risk management: Case example in information network security
Journal Article (Journal Article)
This article contributes to more sustainable management of risk by describing frameworks for (1) valuation of avoided risks and (2) improving outsourced information security services. These contributions address the absence of a structure for rewarding successful risk management, the need for an ever-more accurate economic measure of risk, and the difficulty of transferring risks to contract-bound outsourcing entities. The manager can use these concepts to make more informed decisions in allocating resources to risk management activities. Challenges and lessons from two case studies are presented: (1) application of risk-based ROI at Lawrence Berkeley National Laboratory, and (2) information assurance outsourcing at the Navy Marine Corps Intranet. © 2006 by the American Society for Engineering Management.
Full Text
Duke Authors
Cited Authors
- Pinto, CA; Arora, A; Hall, D; Schmitz, E
Published Date
- March 1, 2006
Published In
Volume / Issue
- 18 / 1
Start / End Page
- 17 - 23
International Standard Serial Number (ISSN)
- 1042-9247
Digital Object Identifier (DOI)
- 10.1080/10429247.2006.11431680
Citation Source
- Scopus