CHAPTER 1: RISKS AND CONTROLS

Overview

Before considering information risk, we need to understand the basic concepts of risk and how risks can be managed. This will put the management of specific IT risks into context and also improve our communication with other risk management professionals. Following financial and other business scandals and crises, there has been an increased focus on risk – a whole industry has been created around the Sarbanes-Oxley Act, impacting US-based companies. It has also become an area for academics and standard setters.

In this chapter we will consider:

•   What is risk?

•   Management of risk

•   Risk awareness and ...

Get Fundamentals of Information Risk Management Auditing: An introduction for managers and auditors now with the O’Reilly learning platform.