What is it?
IT Risk Management is a threat-based approach to assessing and mitigating risk to IT assets. The typical approach to managing risk is to apply a set of best practices to all assets. This may be more effort than it's worth for low-risk assets, and insufficient for higher-risk assets. A more effective approach is to identify the relevant threats (threat assessment), determine which IT resources are vulnerable to those threats, and then to apply appropriate controls that will mitigate that risk to an acceptable level for those resources. For example, the same resource (laptop hard-drives) used by people in both low-risk and high-risk contexts, would normally not require disk encryption unless the drive hosts information with a sensitivity level that would require mitigation against theft, e.g., human resources or financial data. A well thought-out approach to IT risk management will ensure mitigation efforts are focused on the higher risks and ensure that the confidentiality, integrity, availability and accountability of the more sensitive IT assets are well protected.
We are also fostering a community of IT Risk Management practitioners through training, mentoring, and interaction.
Who is it for?
Any organization in the Bible translation movement.
Who do I contact?
Rod Davis, Business Continuity Consultant for SIL International, Rod _Davis@sil.org, +1(704) 843-6178
What GTIS Does
What you do
You will provide an engaged contact who can provide or assist GTIS in discovering the following types of information: