Information Risk Management: A practitioner's guide

Information risk management (IRM) is about identifying, assessing and prioritising risks to keep information secure and available. This accessible book is a practical guide to understanding the principles of IRM and developing a strategic approach to an IRM programme. It also includes a chapter on applying IRM in the public sector. It is the only textbook for the BCS Practitioner Certificate in Information Risk Management.

Book contents:

  1. The Need for Information Risk Management

  2. Review of Information Security Fundamentals

  3. The Information Risk Management Programme

  4. Risk Identification

  5. Threat and Vulnerability Assessment

  6. Risk Analysis and Risk Evaluation

  7. Risk Treatment

  8. Risk Reporting and Presentation

  9. Communication, Consultation, Monitoring and Review

  10. The CESG IA Certification Scheme

  11. HMG Security Related Documents