📓 Increasingly, organisations rely on information for their day-to-day operations, and the loss or unavailability of information can mean the difference between success and ruin. Information risk management (IRM) is about identifying, assessing and prioritising risks to keep information secure and available. This accessible book is a practical guide to understanding the principles of IRM and developing a strategic approach to an IRM programme. It also includes a chapter on applying IRM in the public sector. It is the only textbook for the BCS Practitioner Certificate in Information Risk Management.
"Anyone wishing to become an InfoSec risk management practitioner MUST purchase this book. David has produced an extremely useful and readable book for those entering this discipline and indeed those practitioners wishing to have an invaluable reference resource sitting on their bookshelf. I highly recommended it." John Hughes, Member of the InfoSec Skills Faculty, Director, SecID Consultants--
"Information is the 21st century's new gold and protecting such a volatile asset is a tremendous challenge. This book provides many keys to understanding important concepts and possible approaches for mitigating the associated risks." Lionel Dupré, CISA, CISM, Networks and Information Security Expert at ENISA -