Assessing risk can seem a nebulous thing in the privacy world. How do you quantify the chances of a particular piece of information going missing or being used incorrectly and what the impact would be on the business? It can seem even harder when you don’t have control over many of the systems that create that risk or you identify a risk so high that you know the incident will occur, but you don’t have the budget or influence to prevent it. IAPP Publications Director Sam Pfeifle sums up the insights Aron Feuer, CIPP/C, and Rikki Sorensen shared during their preconference workshop, “Assessing IT Risks: What the Privacy Professional Needs To Know,” at this week’s IAPP Canada Privacy Symposium.
If you want to comment on this post, you need to login.