Sharpen your skills in IT risk management
Dive into our knowledge centre
Here, you will find insights and expertise on risk management, quantification, and cybersecurity. Our experts regularly publish articles on current topics to help you understand and manage risk within your organisation.
Whether you need a strategic overview or technical details, our goal is to provide relevant and practical knowledge.
What are information assets & how to Identify them in 5 steps?
An important step in any IT risk management process is to clearly define the information assets in scope. But what is an information asset really? How can you best describe your important information assets? And why is it so important to spend time...
What’s the fun in that?
The last couple of years have reminded us of how dangerous and fluid the world is. It's become our new normal. War in Europe, climate changes, macroeconomic problems and cyber attacks are just some of our society's issues. Now, in Denmark, we...
‘We should never have said that’ and how to avoid it being used against you before it’s too late
‘Loose Lips Sink Ships’ was printed on a propaganda poster during World War 2. It was one of the key messages from the ‘United States Office of War Information’, which urged citizens to avoid careless chatter that could potentially undermine war...
Give me a number!
People are often asked about estimates in investments, the opening of new business areas, projects and budgeting. The estimates given are subject to uncertainty. No one can tell the exact amount, time etc., that will occur in the future. ...
The simplest risk metrics that we just can’t agree on
Inherent risk… residual risk… current risk? When your risk manager or regulatory affairs asks about your “inherent risk”, it highlights a fundamental flaw in qualitative risk assessments. Here’s why - and how to fix it. Although most of us engage...
Top 5 objections to using quantitative models within cyber risk management
Changing habits and mindsets take time and persistence. Especially within IT risk management. Again and again, we at ACI meet tonnes of objections to changing behaviour despite witnessing the benefits of moving from qualitative to...
Managing Cyber Risk With Tactical and Strategic Management Information
Communication is difficult, also when it comes to the risk of cyberattacks. The board and management need a clear basis for decision-making, but the communication needs to improve because it is often too technical or too high-level and abstract....
When a robot gives better estimates than a human
For organisations with many (several hundred) systems, quantitative IT risk management can be likened to a window cleaner being asked to clean the United Nations headquarters in New York. He will never finish before the first couple of windows need...
The organisation’s dripping faucets
A clear agenda for the organization is: "Understand and reduce the risk of cyber-attacks". The management and the board have gradually joined the agenda and understand that we are dealing with a risk that they must deal with. We estimate that cyber...
Sign up for our newsletter
Receive the latest articles and analyses directly in your inbox.