Risk Management is the process of identifying, evaluating and responding to risks. Organizations must understand the risks involved and their potential impact. Good security measures involve a multi-layered process that protects networks, systems, assets, resources, and people. With an understanding of risk tolerance, organizations can prioritize policies, procedures and practices to meet their security needs.
A successful organization should have some of the following layers of security in place to protect its operations and minimize its risk exposure:
- Physical security to address the issues necessary to protect the physical items or areas of an organization from unauthorized access and misuse.
- Personnel security to address the protection of the individual or group that is authorized to access the organization’s information systems and assets.
- Operations security to focus on the protection of the details of a particular operation or series of activities.
- Communication security to protect the organization’s communication media, technology and content.
- Network security to protect the networking components, connections and contents.
- Information security to protect the confidentiality, integrity and availability of information and information systems.
Blog : Industry Perspectives