APPENDIX I – DEFINITIONS, STANDARDS AND GLOSSARY OF TERMS

In any context, but especially in information risk management, it is very helpful to have a common understanding of the terminology used. For example, people often refer to risk when they actually mean threat, perhaps without realising that there is a distinct difference.

In this section, we provide definitions of all the key terms used in information risk management, most of which originate in ISO Guide 73:2009 – Risk Management – Vocabulary.

We shall then move on to cover the main national and international standards and good practice guidelines used in the management of information risk, and also identify where the reader can obtain them.

Risk management can be significantly ...
