Paper Title
The Importance of Risk Management in Information Security

Abstract
Information is critically important at increasing risk of loss or compromise. The heart of an information risk management program is an ongoing process of risk assessment which involves an understanding of possible risk tolerance, knowledge of likely risks and threats, measured assessments of established controls, and executed plans to address identified vulnerabilities. Information Security Standarts must be implemented in all organizations for the risk management to be applied in all levels. If the risk management is practised well, Information Security will be more effective. Keywords- Information Security, Risk Management, Information Security Standarts, Information Security Risks, ISO 27001