Full title: ISF Information risk reference guide
Overview: This guide provides ISF members with hard facts and other reference material that can be used to manage information risk effectively. It defines information risk and describes its significance, main components and how they can be measured.
It presents measurements of each component distilled from the ISF survey and outlines actions that risk managers can take to help their organisations manage this key area of risk. It's aim is to provide ISF members with a body of fact that they can use in the same way that the road safety community employs data about drivers, vehicles and incidents to reduce crime and improve safety.
Published by: Information Security Forum (ISF)
Date published: September 1999
Status: Available to ISF Members.
Citicus role: A founder of Citicus directed this study for and on behalf of the ESF and was the principal author of the report. Two other directors contributed to the analysis and review stages of its production.