In this unit we shall:

• Review a number of common definitions of Information Risk Management.

• Review some common Information Security Management Concepts.

• Discuss the Risk Management Process.

On completion of this unit you will be able to:

• Discuss the various definitions of risk.

• Explain how to assess, qualify and mitigate risks.

• Describe various approaches to quantify and qualify risks.

• List common risk standards and select the appropriate one(s) for a given situation.