CHAPTER 11

Information Assurance Risk Management

Whether government or private, organizations exist to provide value and benefits to their stakeholders. At the same time, they face uncertainty, which can be either a risk or an opportunity. The challenge for management is to decide how much risk it can accept to increase stakeholders’ value. Failure to manage risk reduces the benefits to the stakeholders and potentially exposes them to loss and negative effects. To succeed, management should design a strategy that overcomes risk while maximizing opportunities that come with it.

Information assurance risk management is essential for an effective information assurance management program. It is integral to good management practice. As discussed ...

Get Information Assurance Handbook: Effective Computer Security and Risk Management Strategies now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.