Information Risk Management: A practitioner’s guide

3 THE INFORMATION RISK MANAGEMENT PROGRAMME

Due to its possible scale, for many organisations risk management will involve a programme of work rather than simply a project, and whilst the mechanics of managing information risk are relatively straightforward, there needs to be an overall framework around the activity if there is to be any real chance of success.

The organisation should ideally establish an information risk management programme, which will have oversight of the work. Such a programme might contain the following elements:

The goals, scope and objectives of the programme and the organisation’s overall information risk management policy.
The overall roles and responsibilities of the programme leaders and key players, including their ...

Get Information Risk Management: A practitioner’s guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Information Risk Management: A practitioner’s guide by David, Sutton

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly