ISF Driving risk out of the business

ISFFull title:  Driving information risk out of the business.

Pages: 67

Overview: This report quantifies the business risk of breakdowns in information security. It is based on the results of the ISF 1998 information security status survey – which led to a breakthrough in understanding why IT risk is so high. It describes what makes 'benchmark environments' differ from other environments and presents a model for driving down risks based on the security practices and procedures applied to benchmark environments. The experience of the off-shore oil industry is also featured. Guidance on how the model can be applied in is provided.

Published by: Information Security Forum (ISF)

Date published: April 1999

Language: English

Status: Available to ISF Members.

Citicus role: A founder of Citicus carried out the research on which this report is based for and on behalf of the ISF, and was the principal author of the report.

Published Work

Share this post