Risk Management Model


In order to assess and mitigate risk, a standard method should be used. As stated earlier in this chapter, no single risk management methodology is better than another. The methodology below is a composite of best practices from industry and government models, most notably those of the National Institute of Standards and Technology (NIST), the Information Systems Audit and Control Association (ISACA), and ISO standard 17799.

The key to success is not the model itself but whether the model works for your business and whether you, as the IT risk manager, are able to articulate the business value of having a risk management methodology. A standard methodology that all business units use to assess risk is the key ingredient of a successful program. The following paragraphs discuss the risk management model shown in Figure 3, and define and explain the steps in the process.

Figure 3: Risk management model



Information Technology Security. Advice from Experts
ISBN: 1591402484
Year: 2004
Pages: 113
