4

Information Security Risk Management

This chapter will discuss information security risks, beginning with a review of the foundational concepts, which will lead to a detailed understanding of risk ownership and management. It will offer insights into identifying and safeguarding your organization’s vital data and provide guidelines for conducting risk assessments. We will explore the significance of information classification and the steps involved in the data classification process. Drawing on these building blocks, we will discuss establishing impact, choosing suitable security controls, and calculating risk using qualitative and quantitative assessments.

The following topics will be covered in this chapter:

  • What is information security ...

Get Information Security Handbook - Second Edition now with the O’Reilly learning platform.
