Learn how an organization needs to position itself to properly handle risks to its critical assets Information Technology Risk Management in Enterprise Environments provides a comprehensive review of industry approaches, practices, and standards on how to handle the ever-increasing risks to organizations' business-critical assets. Through a practical approach, this book explores key topics that enable readers to uncover and remediate potential infractions. The authors present an effective risk management program by providing:
-
An overview of risk assessment, mitigation, and management approaches and methodologies
-
Processes for developing a repeatable program for technological issues and human resources
-
Definitions of key concepts and security standards in the area of risk management
-
Analytical techniques for assessing the amount of risk and the benefit of risk remediation
-
Information on the development and implementation of the risk management team
Information Technology Risk Management in Enterprise Environments details fundamental corporate risks and outlines how they can be avoided. It is an essential resource for information security managers and analysts, system developers, auditors, consultants, and students in understanding the IT resources, procedures, and tools to identify and handle technology and security risks.