Security Program Management and Risk

by Archie Andrews
Sept. 1, 2017 0 comments SANS Institute Pen Testing & Audits auditing & assessment

This paper argues for building a security management program on a foundation of business risk assessment and risk management. It defines and explains risk, risk assessment, risk management and relates business risk management to security risk management.