© Raymond Pompon 2016

Raymond Pompon, IT Security Risk Control Management, 10.1007/978-1-4842-2140-2_8

8. Talking to the Suits

Raymond Pompon

(1)Seattle, Washington, USA

A ship in harbor is safe, but that is not what ships are built for.

—John A. Shedd

Many years ago, the CTO asked me to a give a five-minute presentation to the rest of executive leadership regarding the recent risk analysis my team had completed. It was a huge project for the security team, spanning months of work examining every possible IT risk to the company we could imagine. The final report was nearly 50 pages long, filled with quantitative details on multiple sources of threats and multifaceted impact calculations. This was my first appearance before the entire executive team ...

Get IT Security Risk Control Management: An Audit Preparation Plan now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.