Part one of our new fiction series: Risk Assessments? Don’t be Frank!

Today we introduce you to a new miniseries that will run for the rest of week. Every day you’ll be able to find out how the story unfolds and what Frank and Matt get up to next.  Don’t miss tomorrow’s chapter! –

Written by Luke Milner, senior technical writer at IT Governance.

Depressed

Frank was depressed. It wasn’t that he hated his job – he was one of those people with a genuine passion for his work – and it wasn’t that his company, Wolfram & Sheinhardt, was excessively bureaucratic – which it was – nor was it that he felt underappreciated and overworked – although, again, both were true. Frank was depressed because he had to suffer under all of these things to do something he believed in. Being in charge of information security risk assessment was like being the only person at a pantomime and unable to shout loudly enough that the moustache-twirling villain was behind the dame. Frank mentally swapped “villain” for “potential lawsuit” and “dame” for “ineffective access control”. Pantomime was still pretty accurate.

He opened the curtains in his little corner cubicle to look out over a narrow alley and into the window opposite, which was home to someone at least equally miserable. The curtains were blue. He’d always hated English at school.

He began the day, as he’d begun every day for the last five years, hunting for his files. They were missing. Again. The spreadsheets seemed to move every day as the company brought in new and ‘exciting’ methods of storing their files. Today, it seemed, the system was to rename every file, mix them up, change the file format, assign them to the wrong person, then rename them again, delete half of them, copy half, print half – quite where all these files came from was a mystery[1] – then shred the printed copies.

He’d warned them about this. He always warned them about this. All the changes were a major Risk with a capital R. No confidentiality, no integrity, no availability. He’d said as much in his last report, but no one ever read them – how could they? The reports were lost somewhere on the file server, probably reassigned to a walrus in product development as a blueprint for an electric hammer.

He was still hunting for his files – the new system required him to triple-click to open files – when an obnoxiously cheerful email notification took over his screen. As part of the company’s latest push for happiness in the workplace, all notifications for internal emails were now unskippable, full-screen videos of prancing kittens, puppies, sloths, goats, squid, chameleons or – if you were really unlucky – bacteria. As a side-effect of this initiative, however, many of the senior managers and other Important Types had spent the last week watching the videos and achieving nothing else. At least they weren’t making more decisions.

The goat finished bouncing around Frank’s screen and he could finally squint at the four-point novelty font. It was horrific: today, he was jubilantly informed, he would be babysitting some swivel-eyed loon from some business distantly related to Wolfram & Sheinhardt through a series of shell corporations and dodgy ownership deals, such that both businesses turned out to be owned by a wig company based in Philadelphia. His boss gleefully called it a “knowledge-sharing exercise”, which Frank immediately deduced meant there would be rather a lot of shouting. Worse, the email continued, Frank would himself be sent to this other business in turn, presumably to observe whatever arcane, primitive system they had derived for risk management from Babylonian cuneiform tablets. The prospect alone made him feel ill.

*********

Find out how vsRisk can help you conduct risk assessments without the pain that spread sheets deliver. View more information now.

[1] It was possible that documentation actually defied physics and was capable of creating something from nothing. Frank didn’t have a good grasp of physics, but he knew to be wary of anything that seemed to defy it. Cats, for instance, refused to obey gravity and fluid dynamics, and his neighbour’s cat, he was sure, had been plotting something nefarious – maybe insider trading, or a complex financial fraud scheme.

READ PART TWO HERE.

No Responses

Leave a Reply

Your email address will not be published. Required fields are marked *