
107
11Chapter
Information Security
Risk Management
Risk management responsibilities are usually split between a number of organi-
zational entities with the consequence that the biggest risk may well be a lack of
continuity and integration between these efforts. e fact that all parts of any orga-
nization are required to operate in some fashion related to managing risk further
complicates the problem. While many of these risk management concerns may be
the responsibility of an organizational risk manager, many will also have a direct
impact on information security. is includes most elements of physical security
including how every user of inform ...