Stepping Through Cybersecurity Risk Management

by Jennifer L. Bayuk
March 2024
Content level: Beginner
336 pages
10h 10m
English
Wiley
Content preview from Stepping Through Cybersecurity Risk Management

10 Analysis

10.1 Reports and Studies

The reports that appear in figures have so far been standard reports that may be generated automatically, depending on the capabilities of the information security management system or governance, risk, and control system used by the enterprise. There are also standard reports that are manually generated. It is not unusual for a CRO to ask all business units to produce the same information in the same format for easy assimilation by the risk and audit staff. This is usually a standard in financial reporting. It is especially common in large global organizations where different business units use different systems to manage risk and financial data, respectively. While some business process owners will be able to produce the report automatically, others may have to use a template and fill in the blanks.

What is common about reports is that these are developed in anticipation of the need for system stakeholders to review and understand cybersecurity risks within their scope of responsibility. Ideally, they are provided proactively for easy retrieval, when needed, to make decisions with respect to cybersecurity risk. Because they contain sensitive information, there may be a designated individual in each department charged with accessing and sharing reports or sections of reports with others who may not need ongoing access to all department risk information (e.g., an event contact or issue owner). There will typically be at least one report that ...


Publisher Resources

ISBN: 9781394213955