The Effect of Organisational Structure and Culture on Information Security Risk Processes

Risk assessment is regarded as an integral part of any information security management framework. This is because an information security management framework exists to enable an organisation to maximise the use of its information within a level of risk that is acceptable to the organisation. In information security management literature risk assessment processes are presented as pivotal to the success of the information security management framework.
Risk assessment is used to establish the ISMS, determine the information security risks that an organisation faces, and identify the security countermeasures necessary to reduce the risks to an appropriate level. The emphasis is on an “appropriate response” to the measure of risk where appropriate is considered in the overall context of the organisation. Risk assessment is enmeshed with additional organisational processes that construct what is termed an Information Security Management System (ISMS). An information security management system is primarily described in the information security management standard ISO 27001 [9, clauses 4-8].
It is an abstracted organisational model found in information security management literature which articulates a systematised view of the information security management functions and processes described in much of the information security management literature. The role of an Information Security Management System (ISMS) is to ensure that adequate controls are “established, implemented, monitored, reviewed and improved, where necessary, to ensure that the specific security and business objectives of an organisation are met. ” [8, p. viii].In this regard, an ISMS is comprised of logical management functions and management processes. The relationship between risk assessment and the other information security management processes is described in Figure One which shows that the processes interact in a continuous loop, termed the Plan-Do-Check-Act cycle (PDCA) or Deming Wheel in security management literature. The dominating decision making processes are risk based and constitute some form of risk assessment or evaluation. However the extent to which the process is a “technical”, standardised one, is highly dependent on the organisational context, as this paper discusses.
Approximate price: $22
We value our customers and so we ensure that what we do is 100% original..

With us you are guaranteed of quality work done by our qualified experts.Your information and everything that you do with us is kept completely confidential.You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.The Product ordered is guaranteed to be original. Orders are checked by the most advanced anti-plagiarism software in the market to assure that the Product is 100% original. The Company has a zero tolerance policy for plagiarism.The Free Revision policy is a courtesy service that the Company provides to help ensure Customer’s total satisfaction with the completed Order. To receive free revision the Company requires that the Customer provide the request within fourteen (14) days from the first completion date and within a period of thirty (30) days for dissertations.The Company is committed to protect the privacy of the Customer and it will never resell or share any of Customer’s personal information, including credit card data, with any third party. All the online transactions are processed through the secure and reliable online payment systems.By placing an order with us, you agree to the service we provide. We will endear to do all that it takes to deliver a comprehensive paper as per your requirements. We also count on your cooperation to ensure that we deliver on this mandate.