a measured approach

< Previous | Next >


Senior Member
Czech Republic/Czech
Hello, I came across this expression in an article on ways of securing confidential data in health organizations. The author suggests analyzing risks first usin a qualitative risk analysis (see the full text, please) and setting a certain threshold of acceptable risk, calling this method a measured approach. What does that mean? A balanced method? Or a calculated solution? Thank you for your suggestions.

As shown in the qualitative risk assessment prioritization matrix in Figure 1, the risk baseline indicates a policy that all medium, high, and critical priority risks shall be mitigated to low. In practice this means that security controls are applied to mitigate a given risk until the residual risk is low. When the residual risk is low, the healthcare organization is done mitigating that risk and can then apply its remaining resources allocated to privacy and security to mitigate other risks. Without a measured approach like this, there is risk of over-securing in some areas and under-securing in others, which can result in a weak link or vulnerability that can lead to security incidents such as breaches. Without a risk assessment and baselines of acceptable risk that enable a measured approach, privacy and security risks may create a budgetary black hole for the healthcare organization.

Full text is available at http://premierit.intel.com/servlet/...ormation_Risk-Encryption_is_Not_a_Panacea.pdf
  • ewie

    Senior Member
    English English
    Hello Ewanek. A measured approach is generally one that is slow rather than fast, considered rather than rash, patient rather than hasty:)


    Senior Member
    "Democrats want to look at aid for small businesses that have been hit hard by this pandemic. But when it comes to these larger industries, such as airlines, such as major corporations such as Boeing, they want to make sure it's a measured approach."

    Is this the same meaning of "a measured approach"? I think this one gives off a hint that they want the government to consider the size of (as a measure) businesses and industry for taking actions. Just like "a pro rata basis", if you will. Does this just mean "not too fast, but slowed and well-thought out approach" like ewie suggested?

    source: COVID-19 Updates: Federal Reserve Acts, Deal Eludes Congress, Trump Speaks


    Senior Member
    English - U.S.
    No, that term has nothing to do with the size of the business. It's about not being too hasty or, in this case, too generous.

    Their point is that the speaker believes large business have a higher capacity to withstand problems like this than small businesses do. So they don't want to rush into doing something where they give a whole bunch of money to big businesses that don't need it as much and perhaps neglect small businesses that need it more. Measured means to think carefully about what needs to be done and not make hasty decisions where they spend too much money without getting the desired benefit. They want to be careful and make sure they are making intelligent decisions, not just quick decisions in a panic. It's easy to waste money when you rush.
    < Previous | Next >