This document is The Open Group Standard for Risk Analysis (O-RA), which provides a set of standards for various aspects of information security risk analysis.
This document provides a standard definition and taxonomy for information security risk, as well as information regarding how to use the taxonomy.
Why your GRC investment may be letting you down, and what you can do about it.
Understanding the need to move information risk management from art toward science.
This article will provide insight into the information that's necessary in order to make well-informed risk decisions.