Security Policy
Basics of Risk Management
Exposure to a chance of loss or damage tends to make companies and organizations more risk averse. In the ever-changing business world, enterprise Risk Management attempts lessen the seriousness or extent of risk when possible through best practices (ITIL) and security standards (ISO 27002, ISO 27005, PCI). The management of risk is even more strongly marked with regards to finance and insurance. The state of having financial security being vulnerable or exposed leads companies to maintain programs of financial risk management (Solvency 2) and governments to issue regulatory laws (Sarbanes Oxley in the United States and Basel II in Europe) and security regulations (HIPAA, GLBA) attempting to preserve and maintain desired outcomes.