Information Risk Management, 2nd Edition

3 THE INFORMATION RISK MANAGEMENT PROGRAMME

Due to its possible scale, for many organisations risk management will involve a number of areas of work rather than simply a project, and, while the mechanics of managing information risk are relatively straightforward, there needs to be an overall framework around the activity if there is to be any real chance of success.

This chapter discusses the goals, scope and objectives of such a programme, together with the various roles and responsibilities and governance of the programme.

The organisation should ideally establish an information risk management programme, which will have oversight of all the work. Such a programme might contain the following elements:

The goals, scope and objectives ...

Get Information Risk Management, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Information Risk Management, 2nd Edition by David Sutton

3 THE INFORMATION RISK MANAGEMENT PROGRAMME

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly