Access Control and Identity Management

Definitions and Concepts

Risk is a fact of life. There is no such thing as risk-free activity. Even the most common activities, such as walking across your living room, could be risky if, for example, you trip and fall. It isn’t possible to completely eliminate risk, as risk-taking is an important part of any organization’s business strategy. By taking risks, we introduce the potential to innovate and grow as an organization. However, in IT, we attempt to manage all of the risks we face by making informed decisions to mitigate, avoid, transfer, and accept risks.

Before continuing, let’s define some of the key terms you’ll see in this chapter:

  • Risk—Risks occur when there is the potential that a ...

Get Access Control and Identity Management, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.