This book aims to demonstrate the use of business‑driven risk assessments to address government regulations and guidelines specific to the management of risks related to all third‑party arrangements and emphasises that organisations retain accountability for business activities, functions and services outsourced to a third party.

This book introduces the cyber risk investment model and the cybersecurity risk management framework used within business‑driven risk assessments to address government regulations, industry standards and applicable laws. This can be used by various stakeholders who are involved in the implementation of cybersecurity measures to safeguard sensitive data. This framework facilitates an organisation’s risk management decision‑making process to demonstrate the mechanisms in place to fund cybersecurity measures and demonstrates the application of the process showcasing three case studies. This book also discusses the elements used within the cybersecurity risk management process and defines a strategic approach to minimise cybersecurity risks.

Features:

• Aims to strengthen the reader’s understanding of industry governance, risk and compliance practices.
• Incorporates an innovative approach to assess business risk management.
• Explores the strategic decisions made by organisations when implementing cybersecurity measures and leverages an integrated approach to include risk management elements.