CHAPTER 5: INFORMATION RISK

All organizations possess information, or data, that is either critical or sensitive. As discussed in Chapter 3, this information is a substantial component of the organization’s intellectual capital. In the ‘Information Security Breaches Survey 2004’, the UK Department of Trade and Industry commented: ‘information is widely regarded as the lifeblood of modern business.’ 87 percent of businesses now identify themselves as ‘highly dependent’ on electronic information and the systems that process it.

Overview of threats and impacts

Threats

Threats in the digital world, as in the analogue one, originate with people. These people fall into five groups:

• Criminals (thieves, fraudsters, organized crime),

• Malefactors ...

Get IT Governance: Guidelines for Directors now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.