[Owasp-board] OWASP Risk Management

Josh Sokol josh.sokol at owasp.org
Tue Apr 19 12:23:53 UTC 2016


Board,

More and more often it seems that we are coming across issues in our
environment that represent a risk to our organization.  IT issues, logo
issues, and more.  As you know, I have been working ~3 years on a tool
called "SimpleRisk" that enables organizations to track their risks.
Everything from submitting them to planning mitigations to performing
routine reviews.  Evaluating risks is one of (if not the) key role of a
Board of Directors.  I would like to offer to help us improve upon our,
basically ad-hoc, risk management process.  To do this, I would like to
spin up an instance of SimpleRisk on my SaaS platform.  Alternately, we
could install it ourselves on one of our Rackspace servers, but then we
have another server that we need to manage.  In any case, as it's really
just another Docker container on my server (ie. low impact to me), I'd like
to offer this up at no charge to OWASP.  Give me the "Do it!" and I'm
thinking that I can have a fully-functioning risk management program up and
running at OWASP within a few weeks.

~josh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20160419/ef9e4dd6/attachment.html>


More information about the Owasp-board mailing list