Homework: Risk Management
It is an accepted truth that without risk there can be no gain. Every individual and organization must take some risks to succeed. Risk management is not about avoiding risks, but about taking risks in a controlled environment. To do this, one must understand the risks, the triggers, and the consequences.
Task
Write 3 to 4 pages paper in which you:
i. Define risk management and information security clearly. Discuss how information security differs from information risk management.
ii. Explain security policies and how they factor into risk management.
iii. Describe at least two responsibilities for both IT and non-IT leaders in information risk management.
iv. Describe how a risk management plan can be tailored to produce information and system-specific plans.
Format your homework according to the following formatting requirements:
i) The answer should be typed, using Times New Roman font (size 12), double spaced, with one-inch margins on all sides.
ii) The response also includes a cover page containing the title of the homework, the student's name, the course title, and the date. The cover page is not included in the required page length.
iii) Also include a reference page. The Citations and references must follow APA format. The reference page is not included in the required page length.
The specific course learning outcome associated with this homework is:
i. Assess how risk is addressed through system security policies, system-specific plans, and contingency plans.