Demands that GMs/PMs have technical literacy/competence so that they can weigh the advice of cyber advisors. This is so often lacking (even among PMs!) which is probably why some orgs default to the compliance/risk management folks holding the ultimate responsibility.
I was the quality assurance officer on the boat, responsible for managing the risk of maintenance programs. Creates all sorts of misaligned incentives as you highlighted ("be a team player") etc.
Great stuff.
Demands that GMs/PMs have technical literacy/competence so that they can weigh the advice of cyber advisors. This is so often lacking (even among PMs!) which is probably why some orgs default to the compliance/risk management folks holding the ultimate responsibility.
I was the quality assurance officer on the boat, responsible for managing the risk of maintenance programs. Creates all sorts of misaligned incentives as you highlighted ("be a team player") etc.