Information Security Governance Papers
| Paper Title | IT Risk Management |
|---|---|
| The Abstract of The Paper |
Good Corporate Governance practices determine that a Board and Senior
Management must set a clear vision and strategic objectives for their organization.
Unfortunately some constraints might hinder the realization of this vision
and strategic objectives. These constraints are known as risks.
As the Board and Senior Management are ultimately responsible for the well-being of the organization, they must ensure that all risks are properly addressed. For this reason, Risk Management is definitely their responsibility. Risk Management is the process to identify and assess all potential risks as well as introducing controls that should mitigate all these risks to acceptable low levels. Information and IT are critical to the success of any organization and, therefore, IT risks are also a Senior Management responsibility. |
| Web Link | http://www.springerlink.com/content/w21116100311u0h7/fulltext.pdf?page=1 |