search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

An Alternative to Risk Management for Information and Software Security

Podcast
By
In this podcast, Brian Chess explain how standards, compliance, and process are better than risk management for ensuring information and software security.
Publisher

Software Engineering Institute

Subjects

Listen

Abstract

Standard, compliance, and process are more effective than risk management for ensuring an adequate level of information and software security.

Related Course
Assessing Information Security Risk Using the OCTAVE Approach

About the Speaker

Brian Chess (Fortify Software)

Read more
Headshot of Julia Allen.

Julia H. Allen

Julia Allen is an SEI alumni employee.

Julia Allen is a principal researcher within the CERT® Division at the Software Engineering Institute (SEI), a unit of Carnegie Mellon University in Pittsburgh, PA. Allen’s areas of interest include operational resilience, security governance, and measurement and analysis. Prior to this technical assignment, …

Read more
SHARE

Supplemental Materials

Download Audio
Download Notes
Download Transcript
Related Links
Assessing Information Security Risk Using the OCTAVE Approach
Ask a question about this Podcast