I help modern companies with security and compliance | Co-Founder and CEO | MSP and vCISO @ Workstreet
Risk scenarios - how do you decide how many to do? The ideal answer, assuming no resource constraints, is all the ones that are relevant to your company. In the real-world, the answer varies from: 👉 The minimum for an audit 👉 Arbitrary number than feels better than the minimum 👉 As many as you can create before you get pulled into other stuff If it's your first time creating or completing risk scenarios, we recommend a step-wise approach. Start small and treat risk like an ongoing exercise that's dynamic, just like your business.
