Search in ISMS Guides

Google
 

Tuesday, August 14, 2007

Good Ebook

Risk Management Guide for Information Technology Systems
(NIST Special Publication 800-30)
INTRODUCTION
Every organization has a mission. In this digital era, as organizations use automated information technology (IT) systems1 to process their information for better support of their missions, risk management plays a critical role in protecting an organization’s information assets, and therefore its mission, from IT-related risk.
An effective risk management process is an important component of a successful IT security program. The principal goal of an organization’s risk management process should be to protect the organization and its ability to perform their mission, not just its IT assets. Therefore, the risk management process should not be treated primarily as a technical function carried out by the IT experts who operate and manage the IT system, but as an essential management function of the organization.

Risk Management Guide for Information Technology Systems

No comments: