9 COMMUNICATION, CONSULTATION, MONITORING AND REVIEW
Although we have already discussed the need for business cases, a greater part of the information risk management programme will require input and agreement from many stakeholders, and it is important that the programme team are able to undertake discussions with them in such a way as to ensure the programme’s success.
Communication is key here, as is the ability to consult with stakeholders before, during and following the programme’s activities.
This chapter deals with the communication and consultation activities required, and also focuses on the need to review risks once they have been treated and the ongoing monitoring of them to ensure that they remain at a satisfactory level.
Get Information Risk Management, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
