The importance of risk management in the commercial sector was recognised in the Turnbull Report produced by the Institute of Chartered Accountants (, the recommendations of which became mandatory in December 2000. Broadly, the provisions state that:

•  Risk management is the responsibility of the whole Board of Directors.

•  Organisations should have a system of controls to protect shareholder and company assets.

•  The controls should be reviewed at least annually.

•  Risks should be regularly assessed and include risk management and financial, operational and compliance risks.

The key principles of corporate, IT and project governance were explored in Chapter 5. Effective risk management ...

Get Cyber Risks for Business Professionals now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.