CHAPTER 4: INFORMATION RISKS AND FRAMEWORKS

Overview

So far we have considered the nature of risk and how it impacts organisations. As information is a key asset of an organisation, a significant area of investment, and one with specific risk implications, it should be high on the agenda of most organisations. Much mystique has arisen around IT assurance because of its technical nature – however, the basic principles are the same as for any other risk impacting the entity. In this chapter we will consider:

•   What is information risk?

•   The frameworks to help analyse and manage risk:

    -   COBIT 5

    -   ISO standards

    -   CRAMM.

•   Summary

Management ...
