Title :
Operational risk: acceptability criteria
Author :
Dresner, D.G. ; Robert, J. ; Wood, Guilherme
Author_Institution :
Nat. Comput. Centre, London
Abstract :
The English proverb 'one man's meat is another man's poison' may be an apt description of our approach to risk. Some will ski or bungee jump whilst others shun even the gentlest of fairground rides. Some organisations allow their staff unrestricted Internet access; for others access is constrained technically with monitoring and blocking tools, and psychologically with the threat of dismissal. In this paper we look at whether there is a way that organisations, whose appetite for risk may vary greatly, could find a way to share resources and data with assurance. Could we define a model of attitudes to risk which permits one organisation to plug into another and vice versa? We propose that where standards are employed either with the intentional or coincidental purpose of managing risk, there is a way to find common ground on which to build trust.
Keywords :
Internet; security of data; acceptability criteria; operational risk; unrestricted Internet access; IEC standards; ISO standards; Information security; Internet; National security; Open systems; Risk analysis; Risk management; Standards development; Telecommunication control;
Conference_Title :
Information Assurance and Security, 2007. IAS 2007. Third International Symposium on
Conference_Location :
Manchester
Print_ISBN :
0-7695-2876-7
DOI :
10.1109/IAS.2007.65