• Access control
    • cryptography
    • mobile devices
    • organization requirements for
    • risk management statement
    • taking a fresh look at
    • teleworking
    • user access management
      • management of privileged access rights
      • management of secret authentication information of users
      • removal and adjustment of user rights
      • review of user access
      • user access provisioning
      • user registration and deregistration
    • user responsibility
      • access control to program source code
      • information access restriction
      • password management system
      • privileged utility programs, use of
      • secure log-in procedures
  • Advanced Persistent Threat Awareness survey (2015)
  • Airmic
  • Align, plan, and organize (APO) domain
  • Assurance and cyber risk management
    • assurance maturity scenarios
      • less mature assurance
      • mature assurance
    • combined assurance reporting by ERM head
      • illustrative sample
    • cyber risk management statement
    • ever presence of cyber risk
    • internal auditor's expectation of an organization managing cyber risks effectively
      • case for combined assurance model
      • combined assurance obtained by CEO
      • risk assessment expected by internal audit
      • role for a cybersecurity-specific line of defense
      • role for an information, communication, and technology (ICT) unit
      • roles for compliance and quality assurance
      • roles for ERM and organization strategy to work closely with ICT


  • Big Data analytics
    • preparing for a Big Data policy
      • employee policy content amendments
      • “privacy by design” key content
    • understanding Big Data risks
  • Board cyber risk ...

Get The Cyber Risk Handbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.