Chapter 14. Risk Analysis, Incident Response, and Contingency Planning
RISK MANAGEMENT IS AN IMPORTANT information security tool. The risk management process helps an organization understand the risks, vulnerabilities, and threats that it faces each day. It helps it understand its security posture. It also helps the organization know where to strengthen that posture. An organization can't meet its information security goals if it doesn't understand its risks. It may not be able to properly protect its resources and data.
This chapter focuses on information technology risk management. It reviews fundamental risk concepts and how they're applied. It explains how organizations use risk management to help them create their other contingency plans. ...
Get Legal Issues in Information Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.