Special Considerations
Risk management and contingency planning activities make good business sense. They help an organization prepare for threats and events that harm its ability to meet its business goals. Organizations that engage in these activities understand their information security posture and know where they have weaknesses. They also know the threats to the confidentiality, integrity, and availability of their IT resources and data.
Addressing Compliance Requirements
For many organizations, RM and contingency planning are not just good business practices. Sometimes they are required by law. Many laws require the organizations they cover to complete risk assessments and create contingency plans. TABLE 14-5 reviews some laws that have ...
Get Legal and Privacy Issues in Information Security, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
