Chapter 9

Reports and Consulting

Information in this Chapter


Whether you are a risk manager who is engaging outside consultants to perform risk assessments or the consultant who is framing out a risk offering, this chapter includes some essential guidance for how this can be done optimally. We start out with a brief review of the basic artifacts of a risk management program and end with an in-depth look at how to bring risk analysis into the audit process. Even if you don’t ever plan to be a consultant or hire them to supplement your team’s abilities, the concepts in this chapter can really help you improve your risk-presentation skills.

Risk ...

Get Security Risk Management now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.