With risk being the main cause of uncertainty in any organisation, senior management/boards have either a fiduciary, or both a fiduciary and a statutory, duty to identify and manage risk within the business. And, with companies trying to be more competitive and cost-effective than ever, they are increasingly focusing more on identifying risks and managing them before they even affect the business.
In order for the business to thrive, it must assess, control and audit the risks it faces in a manner appropriate to its risk appetite. As information-based risks and threats continue to proliferate, it is essential that they are addressed as an integral component of your enterprise’s risk management strategy, not in isolation. They must be identified, documented, assessed and managed, and assigned to risk owners so that they can be mitigated and audited.
The fundamentals of information security risk management auditing is explained in IT Governance Publishing’s (ITGP’s) latest title.
Gain an interesting and useful insight into the risks and controls/mitigations that you may encounter when performing or managing an audit of information risk with this book, which will enable you be better prepared for your day-t0-day job.
Case studies and chapter summaries impart expert guidance to provide the best grounding in information risk available for risk managers and non-specialists alike.
“…such a useful guide for our chosen profession…This will be very useful to those entering this area for the first time, either as audit practitioners or managers. Especially for those working in multi-national industries as it provides useful oversight of internationally accepted standards.”
Out now, and available in softcover, eBook, Kindle and ePub formats, this book is ready to purchase.