Information Security Risk Assessment: Towards a Business Practice Perspective

Download Now Free registration required

Executive Summary

Information Security Risk Assessments (ISRAs) are of great importance for organisations. Current ISRA methods identify an organisation's security risks and provide a measured, analyzed security risk profile of critical information assets in order to build plans to treat risk. However, despite prevalent use in organisations today, current methods adopt a limited view of information assets during risk identification. In the context of day-to-day activities, people copy, print and discuss information, leading to the 'Leakage' of information assets. Employees will create and use unofficial assets as part of their day-to-day routines.

  • Format: PDF
  • Size: 155.26 KB