|
CHAPTER 14 |
Risk Analysis, Incident Response, and Contingency Planning |
RISK MANAGEMENT IS AN IMPORTANT information security tool. The risk management process helps an organization understand the risks, vulnerabilities, and threats that it faces each day. It helps the organization understand its security posture. It also helps the organization know where to strengthen that posture. An organization can’t meet its information security goals if it doesn’t understand its risks. It may not be able to properly protect its resources and data.
This chapter focuses on information technology risk management. It reviews fundamental risk concepts and how they’re applied. It explains how organizations use risk management to help them create their ...
Get Legal Issues in Information Security, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
