Chapter 1. Risk Management Fundamentals

RISK MANAGEMENT IS IMPORTANT to the success of every company—a company that takes no risks doesn't thrive. On the other hand, a company that ignores risk can fail when a single threat is exploited. Nowadays, information technology (IT) systems contribute to the success of most companies. If you don't properly manage IT risks, they can also contribute to your company's failure.

Effective risk management starts by understanding threats and vulnerabilities. You build on this knowledge by identifying ways to mitigate the risks. Risks can be mitigated by reducing vulnerabilities or reducing the impact of the risk. You can then create different plans to mitigate risks in different areas of the company. A company ...

Get Managing Risk in Information Systems now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.