An Alternative to Risk Management for Information and Software Security

February 2009 Podcast
Brian Chess (Fortify Software), Julia H. Allen

In this podcast, Brian Chess explains how standards, compliance, and process are better than risk management for ensuring information and software security.

Abstract

Standards, compliance, and process are more effective than risk management for ensuring an adequate level of information and software security.

Related Course
Assessing Information Security Risk Using the OCTAVE Approach