CHAPTER 4: RISK MANAGEMENT FRAMEWORK

The process of information risk management should be applied at every stage of a project’s life cycle – in fact, it is cheaper and more efficient to undertake the work during the design stage than to retrofit the mitigation at a later date.

Whether the risk management programme is for a new project or not, there are several key stages that need to be addressed, and this is best done using some sort of information risk governance framework or risk management framework.

Though directors are ultimately accountable for the protection of the organisation’s information, the entire organisation needs to work together to ensure protection obligations are fulfilled.

According to the UK government’s guidance Managing ...

Get Managing Information Risk: A Director's Guide now with the O’Reilly learning platform.
