Chapter 3
Thinking About Risk
Information in this chapter:
• Understanding Risk
• Trust, Assurance, and Security
• Risk Associated with Information Systems
• Risk Management Life Cycle
All organizations have some exposure to risk, defined as the potential for loss, damage, injury, or other undesirable outcome resulting from decisions, actions, or events affecting organizational operations. Risk exists because the future cannot be predicted with certainty; organizational plans or strategies regarding future events reflect assumptions, calculations, or estimates about what will occur, but there is always a chance that events will unfold differently than anticipated, potentially with results less favorable than those for which the organization planned. ...
Get FISMA and the Risk Management Framework now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.