Welcome to the CXOWARE blog. We hope you’ll join us for lively and good natured discussion about risk and risk issues!  We’re risk geeks, plain and simple. We’re big advocates of the Factor Analysis of Information Risk (FAIR) framework for quantifying risk.

Fixing the RCSA - Free Webinar

By: Jack Jones

Find me on:

Risk and Control Self-Assessments (RCSA’s) are often considered to be an important part of the risk management process, particularly in the financial industry.  Unfortunately, many RCSA’s suffer from one or more serious problems that can result in management being misinformed about risk.  In this session, Jack Jones will describe:

  1. the most common errors he encounters in RCSA’s,
  2. their effect on risk management decisions,
  3. and some relatively straight-forward solutions to those problems.

Attend this webinar to better gauge where your RCSA’s stand and what you can do to improve them.

Free webinar: Fixing the Risk and Control Self-Assessment (RCSA)

November 13, 2014 at 11 am PST

Can't make it on the 13th? Go ahead and sign up to be one of the first to get the recording.

Register for Free Webinar:  Fixing the Risk and Control Self-Assessment

About The Author

Jack Jones
Jack Jones is the EVP of R&D and a Founder of RiskLens. He has worked in technology for over 30 years, the past 28 years in information security and risk management. He has a decade of experience as a Chief Information Security Officer (CISO) with three different companies, including a Fortune 100 financial services company. His work there was recognized in 2006 when he received the Information Systems Security Association (ISSA) Excellence in the Field of Security Practices award. In 2007, he was selected as a finalist for the Information Security Executive of the Year, Central United States, and in 2012, he was honored with the CSO Compass Award for leadership in risk management. Jones, who lives in Spokane, Washington, has served on the ISACA CRISC Certification Committee and RiskIT Task Force, as well as the ISC2 Ethics Committee. He is the author and creator of the Factor Analysis of Information Risk (FAIR) framework. He writes about that system in his book Measuring and Managing Information Risk: A FAIR Approach, which was inducted into the Cyber Security Canon in 2016, as a must-read in the profession.