ABSTRACT
After reading this chapter and completing the case project, you will • Understand the steps organizations take in identifying at-risk
ICT assets; • Understand the steps necessary to analyze the business envi-
ronment in order to include all affected functions into the organizational cybersecurity plan;
• Understand how ICT governance is used to understand cybersecurity roles, responsibilities, and best practices for risk management decision making;
• Understand the steps taken to assess risk of ICT systems within an organization; and
• Understand the role of risk management in securing ICT systems.