An Alternative to Risk Management for Information and Software Security
February 2009 • Podcast
Brian Chess (Fortify Software), Julia H. Allen
In this podcast, Brian Chess explains how standards, compliance, and process are better than risk management for ensuring information and software security.
Standards, compliance, and process are more effective than risk management for ensuring an adequate level of information and software security.