The Importance of Risk Management in Information Security
Information is critically important at increasing risk of loss or compromise. The heart of an information risk
management program is an ongoing process of risk assessment which involves an understanding of possible risk tolerance,
knowledge of likely risks and threats, measured assessments of established controls, and executed plans to address identified
vulnerabilities. Information Security Standarts must be implemented in all organizations for the risk management to be
applied in all levels. If the risk management is practised well, Information Security will be more effective.
Keywords- Information Security, Risk Management, Information Security Standarts, Information Security Risks, ISO 27001