The Role of Information Security in the Enterprise Risk Management Structure

The purpose of this chapter is to discuss the role of information security business processes in supporting

an enterprise view of risk management and to highlight how, working in harmony, the ERM and

information security organizational components can provide measurable value to the enterprise people,

technologies, processes, and mission. This chapter also briefly focuses on additional continuity process

improvement techniques.