ABSTRACT
The purpose of this chapter is to discuss the role of information security business processes in supporting
an enterprise view of risk management and to highlight how, working in harmony, the ERM and
information security organizational components can provide measurable value to the enterprise people,
technologies, processes, and mission. This chapter also briefly focuses on additional continuity process
improvement techniques.