The Chief Information Security Officer: Insights, tools and survival skills by Jake Kouns, Barry Kouns

CHAPTER 5: RISK MANAGEMENT

Good risk management fosters vigilance in times of calm and instills discipline in times of crisis.

Dr Michael Ong, Executive Director, Center for Financial Markets

This chapter is about the heart of any Information Security Management System (ISMS): the risk management methodology. The methodology used to identify, analyze, evaluate and treat risks is foundational to any ISMS, and sets the stage for identifying and appropriately protecting the organization’s assets.

Before we begin, what would you say is the definition of risk? Most security professionals would quote something like this:

1     Risk is the impact to an asset considering the probability that a particular threat will exploit a particular information system vulnerability. ...
