ABSTRACT
Part of the problem is that many industries across the
United States are willing to accept a certain level of risk as
a tradeoff for realizing short-and long-term gains in pro-
ductivity. Another contributor to the problem is that risk is
often narrowly construed as being only security. In reality,
a security risk-albeit important-is just one of the many
types of risks facing an intranet. Many corporations find
themselves facing a host of unanticipated risks related to
transaction security, network capacity, configuration con-
trol, directory services, maintenance skills availability,
upgrades to hardware, and backup procedures. Other
intranet-related risks include performance, integration,
scalability, and planning.