Strategic Information Security Risk Management
Risk management entails more than traditional risk analysis or risk assessment. These traditional tools are limited in fundamental ways, such as the lack of reliable frequency data about past risk events and the relative rarity of many kinds of risk that must still be managed. Risk management involv...
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Book Chapter |
| Published: |
M E Sharpe Inc
2008
|
| Online Access: | http://hdl.handle.net/20.500.11937/9138 |
| _version_ | 1848745863185170432 |
|---|---|
| author | Baskerville, Richard |
| author2 | D W Straub |
| author_facet | D W Straub Baskerville, Richard |
| author_sort | Baskerville, Richard |
| building | Curtin Institutional Repository |
| collection | Online Access |
| description | Risk management entails more than traditional risk analysis or risk assessment. These traditional tools are limited in fundamental ways, such as the lack of reliable frequency data about past risk events and the relative rarity of many kinds of risk that must still be managed. Risk management involves four types of risk treatments: self-protection, risk transfer, self-insurance, and risk avoidance This chapter introduces an approach to risk management in which the risks and risk treatments are strategically managed using a portfolio approach. With a portfolio approach, different risk portfolios are managed through a portfolio of risk treatments. |
| first_indexed | 2025-11-14T06:24:07Z |
| format | Book Chapter |
| id | curtin-20.500.11937-9138 |
| institution | Curtin University Malaysia |
| institution_category | Local University |
| last_indexed | 2025-11-14T06:24:07Z |
| publishDate | 2008 |
| publisher | M E Sharpe Inc |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | curtin-20.500.11937-91382022-11-21T05:19:40Z Strategic Information Security Risk Management Baskerville, Richard D W Straub S Goodman R Baskerville Risk management entails more than traditional risk analysis or risk assessment. These traditional tools are limited in fundamental ways, such as the lack of reliable frequency data about past risk events and the relative rarity of many kinds of risk that must still be managed. Risk management involves four types of risk treatments: self-protection, risk transfer, self-insurance, and risk avoidance This chapter introduces an approach to risk management in which the risks and risk treatments are strategically managed using a portfolio approach. With a portfolio approach, different risk portfolios are managed through a portfolio of risk treatments. 2008 Book Chapter http://hdl.handle.net/20.500.11937/9138 M E Sharpe Inc restricted |
| spellingShingle | Baskerville, Richard Strategic Information Security Risk Management |
| title | Strategic Information Security Risk Management |
| title_full | Strategic Information Security Risk Management |
| title_fullStr | Strategic Information Security Risk Management |
| title_full_unstemmed | Strategic Information Security Risk Management |
| title_short | Strategic Information Security Risk Management |
| title_sort | strategic information security risk management |
| url | http://hdl.handle.net/20.500.11937/9138 |