Chapter 20. Risk Management, Security Compliance, and Audit Controls

Solutions in this chapter:

▪ Risk Analysis
▪ Creating an Information Systems Risk Program
▪ Risk Assessment
▪ Risk Summary
▪ Business Impact Analysis
▪ Defense in Depth
▪ Data Classification
▪ Summary

Introduction

In this chapter we introduce the major methods used in risk measurement and audit. Risk assessment is fundamental to the security of any organization. It is essential in ensuring that controls and expenditure are fully commensurate with the risks to which the organization is exposed. First we define risk and other terms and then look at the methods used.

What is a Process?

Processes are the methods that we use to achieve our objectives. How are processes implemented within an organization? ...
