Look at information security through the lens of business risk, and you’ll begin to make decisions about security in light of their impact on the business.
Join Marshall Toburen, GRC Strategist for RSA Archer®, for part two of this interactive webcast series. In this session, he will share a seven-step methodology for a GRC-based business risk management framework, including tips for:
- Defining what information needs to be protected and identifying the location and amount of important information
- Documenting processes and enterprise risk controls—documenting the activities as business processes and documenting the risks associated with the processes
- Determining levels of inherent and residual risk and answering the question of what to do with a residual risk level that exceeds risk tolerance and appetite
About our speaker: Marshall Toburen is a GRC Strategist with RSA Archer specializing in Enterprise, Operational, and Third Party Risk Management. He has 30 years of experience in financial services, including roles as Enterprise Risk Manager, Operational Risk Manager, Information Security Officer, Chief Audit Executive, and Assistant Controller. His credentials include an M.A. in Economics from the University of Missouri, B.A.s in Economics and Political Science from Baker University, and CIA, CISA, and CBA certifications (non-practicing).