Risk Topics

Managing uncertainty and change
for technology organizations.

Welcome! This website is about managing risk at the technology service organizations that service regulated industries such as finance, health, and the public sector. It is being compiled by Michael Werneburg, a Toronto-area specialist in the field, with the mission of engendering conversation, promoting study, and promoting good implementation.

Risk, opportunity, and the service organization

How to get a technology service organization through a SOC-2 audit with a minimum pain and with maximum gain. This goes beyond the how-tos of information security and good governance and explains the competitive advantages that a company will invariably experience when it can consistently excel.

On cyber security

A terrible word for a horrible problem.

On strategic risk management

Strategic risk is where the big problems lie. I'm organizing some thoughts on the subject, here.