|
|
|
Chapter 14. Information Security Risk ManagementInformation security risk management is more than simply completing an evaluation. The results of an evaluation provide a direction for improving your organization's security posture. However, the evaluation merely provides a direction; it does not necessarily lead to meaningful improvement. Such improvement occurs only when your organization follows through by implementing the results of the evaluation. This final chapter introduces a framework for managing information security risks.
|
|
|
|