III.B.1.c: Enterprise Risk
Assess risks accepted through the proposed investment. Other Information:
Determine the impact that security and privacy choices may have on the broader enterprise. i. aspects of proposed investments.
Unaddressed security and privacy requirements may impact other parts of the enterprise and other interconnected organizations.
ii. requirements. The IRB and program executives must understand risks associated with underfunding of security and privacy
requirements. Lack of investment into mitigating identified risks will increase overall risk to an agency.
Indicator(s):
|
