Risk management

Posted about 2 years ago. Applies to Las Vegas, NV, 3 helpful votes


1

Information security

Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.

2

Risk management information

The CISA Review Manual 2006 provides the following definition of risk management: "Risk management is the process of identifying vulnerabilities and threats to the information resources used by an organization in achieving business objectives, and deciding what countermeasures, if any, to take in reducing risk to an acceptable level, based on the value of the information resource to the organization." Risk analysis and risk evaluation processes have their limitations: when security incidents occur, they emerge in a context, and their rarity and even their uniqueness give rise to unpredictable threats. The analysis of these phenomena, which are characterized by breakdowns, surprises and side-effects, requires a theoretical approach that is able to examine and interpret subjectively the detail of each incident.

3

Risk resiliency

In the business world, stockholders, customers, business partners and governments expect corporate officers to run the business in accordance with accepted business practices and in compliance with laws and other regulatory requirements. This is often described as the "reasonable and prudent person" rule. A prudent person takes due care to ensure that everything necessary is done to operate the business by sound business principles and in a legal, ethical manner. A prudent person is also diligent (mindful, attentive, and ongoing) in their due care of the business.

4

Risk and performance

In the field of Information Security, Harris[11] offers the following definitions of due care and due diligence: "Due care are steps that are taken to show that a company has taken responsibility for the activities that take place within the corporation and has taken the necessary steps to help protect the company, its resources, and employees." And, [Due diligence are the] "continual activities that make sure the protection mechanisms are continually maintained and operational." The terms reasonable and prudent person, due care and due diligence have been used in the fields of Finance, Securities, and Law for many years. In recent years these terms have found their way into the fields of computing and information security. U.S.A. Federal Sentencing Guidelines now make it possible to hold corporate officers liable for failing to exercise due care and due diligence in the management of their information systems.

5

Risk

Risk is the likelihood that something bad will happen that causes harm to an informational asset (or the loss of the asset). A vulnerability is a weakness that could be used to endanger or cause harm to an informational asset. A threat is anything (man-made or act of nature) that has the potential to cause harm. The likelihood that a threat will use a vulnerability to cause harm creates a risk. When a threat does use a vulnerability to inflict harm, it has an impact. In the context of information security, the impact is a loss of availability, integrity, and confidentiality, and possibly other losses (lost income, loss of life, loss of real property). It is not possible to identify all risks, nor is it possible to eliminate all risk. The remaining risk is called residual risk.

Additional Resources

Howard Roitman, Esq. 8921 W. Shara Ave Las Vegas, Nevada 89117 (702) 647-8550
