November 6th, 2008 by Chandler Howell

Something that I think we all know, but I had never really broken out as a coherent thought:

There are many risks which “everyone” acknowledges need to be reduced (and cannot easily be avoided), but which no one wants to accept. Of course, usually no one wants to pay to mitigate or transfer the risk, either.

Risks that are stuck in this particular form of Limbo are accepted, and no one should be allowed to claim otherwise.

Those who are not willing to either formally accept the risk or write the check to reduce it are just contributing to the intellectual dishonesty that perpetuates the problem.

My personal favorite example of this problem is database encryption, especially of Personal Information. People inevitably claim to agree that “this must be done,” since encrypting the data provides something of a Get Out Of Jail Free Card, at least with respect to breach notification requirements, but no one ever writes the check or provides the people to make it happen.

I suspect that you, dear reader, could also provide a few examples of your own.

- Posted in Security and Risk Management, Risk Management
