Information Security and Risk Management

Information Technology (IT) based information systems have become the backbone of not only success but ofsun’ival of organizations in this highly competitive world. Considering that IT is an important asset it must be managed efficiently to minimize the risks associated with it and the systems it supports. The chapter is based on literature review of existing work on information security and risk management. It attempts to describe the theoretical perspective of information system security. It also discusses and analyses the various information security methodologies in practice.