Risk Management

The National Institute of Standards and Technology (NIST) says that risk management is “a complex, multifaceted activity that requires the involvement of the entire organization.”[2] Risk management (RM) helps an organization identify the risks that it faces. It also makes sure that organizations respond to risk in a cost-effective manner. Organizations use RM to support their business goals.

One of the main goals of RM is to protect the organization’s bottom line. When risk is realized, it negatively affects an organization’s profits. RM helps an organization align its information security practices to its business goals. It makes sure that an organization spends its limited resources wisely and in ways that enhance business goals. ...

Get Legal and Privacy Issues in Information Security, 3rd Edition now with the O’Reilly learning platform.
