Risk Meeting Tomorrow
I’m running a risk meeting tomorrow during which I will be presenting the risk register I’ve worked on. My boss wants me to lead the discussion by going through as many items as we can in the allotted time, and discussing the best ways to address each item.
My background is in technical writing/documentation. I like learning risk management and want to make a career of it. But I’m a little out of my element, so I figured I’d ask for some advice.
So far I’ve gone through the old risk register, archived/deprioritized the entries that were either outdated or I could map to existing controls, reassessed the risk scores/severity levels, and assigned ownership for each risk.
Context about the company: it is a small office with a warehouse/factory in the back. It’s regulated under PCI and we are trying to get ISO27k as well. It’s a US branch of a larger international organization.
Any tips or advice on how I should approach this meeting is greatly appreciated!