Chapter 12

Risk Management

Abstract

In this chapter, the authors discuss risk management as a function distinct from risk analysis. A definition of risk management is offered and tied to the questions that executives ask and to the practice of risk management across the entire organization. The risk management stack is reviewed as a tool for driving from risk decision making to modeling. The authors discuss a model for capturing decisions in terms of the outcomes and tie them to three broad categories: strategic, operational, and incident management. Lastly, the risk management system model is introduced, which ties risk and risk management together with a feedback loop. In addition, the difference between intended versus actual is discussed in the ...
