7. Executive Leadership-led Risk Management

How can we sustain executive-level attention to this critical issue, and institutionalize cyber as an on-going component of agency risk management practices, not just a side-bar activity?

Endorse existing ideas by voting for them. YOU MUST BE LOGGED ON TO VOTE.

Showing 1 ideas for tag "accountability"
kudos icon +

7. Executive Leadership-led Risk Management

Supported ITAPS recommendations, part 2

Provide for the escalation of risk-based decisions through senior leadership if critical security recommendations are rejected by owners of business lines or applications, ensuring critical security decisions are not made in isolation. For example, decisions to keep critical systems available while overriding security recommendations should no longer be routinely deferred exclusively to network, system, or application... more »

Voting

2 votes
Public Input