Welcome to the INFOSEC translator.
As information security professionals we have a duty to make sure that senior management is well informed of risks to the business's information. At the end of the day, it is the job of senior management to choose whether or not to accept any particular risk, and it is our job to make sure that we have appropriately and effectively communicated that risk.
The purpose of this site is to have a way for information security professionals to be able to find ways to communicate effectively with business principals and show how good security contols can bring value to the organization and how they align with the business's needs.
The baseline framework that will be used is the NIST Cyber Security Framework.
This is intended to be a community-driven site and participation in updating content and discussions is highly encouraged.