DocumentCode
3366861
Title
Operational risk: acceptability criteria
Author
Dresner, D.G. ; Robert, J. ; Wood, Guilherme
Author_Institution
Nat. Comput. Centre, London
fYear
2007
fDate
29-31 Aug. 2007
Firstpage
301
Lastpage
306
Abstract
The English proverb 'one man's meat is another man's poison' may be an apt description of our approach to risk. Some will ski or bungee jump whilst others shun even the gentlest of fairground rides. Some organisations allow their staff unrestricted Internet access; for others access is constrained technically with monitoring and blocking tools, and psychologically with the threat of dismissal. In this paper we look at whether there is a way that organisations, whose appetite for risk may vary greatly, could find a way to share resources and data with assurance. Could we define a model of attitudes to risk which permits one organisation to plug into another and vice versa? We propose that where standards are employed either with the intentional or coincidental purpose of managing risk, there is a way to find common ground on which to build trust.
Keywords
Internet; security of data; acceptability criteria; operational risk; unrestricted Internet access; IEC standards; ISO standards; Information security; Internet; National security; Open systems; Risk analysis; Risk management; Standards development; Telecommunication control;
fLanguage
English
Publisher
ieee
Conference_Titel
Information Assurance and Security, 2007. IAS 2007. Third International Symposium on
Conference_Location
Manchester
Print_ISBN
0-7695-2876-7
Type
conf
DOI
10.1109/IAS.2007.65
Filename
4299790