📕 Protect your organisation from information security risksFor any modern business to thrive, it must assess, control and audit the risks it faces in a manner appropriate to its risk appetite. As information-based risks and threats continue to proliferate, it is essential that they are addressed as an integral component of your enterprise's risk management strategy, not in isolation. They must be identified, documented, assessed and managed, and assigned to risk owners so that they can be mitigated and audited.Fundamentals of Information Risk Management Auditing provides insight and guidance on this practice for those considering a career in information risk management, and an introduction for non-specialists, such as those managing technical specialists. Product overviewFundamentals of Information Risk Management Auditing - An Introduction for Managers and Auditors has four main parts:What is risk and why is it important?An introduction to general risk management and information risk.Introduction to general IS and management risksAn overview of general information security controls, and controls over the operation and management of information security, plus risks and controls for the confidentiality, integrity and availability of information.Introduction to application controlsAn introduction to application controls, the controls built into systems to ensure that they process data accurately and completely.Life as an information risk management specialist/auditorA guide f...