What is Risk Management?
The concept of risk management is a detailed process of identifying specific factors that could damage or disclose data.
Evaluating those factors involves producing countermeasure cost and implementing cost-effective solutions for mitigating or reducing risk.
Risk management is used as a way to formally develop and implement information security strategies. The main goal of information security strategies is to reduce risk and support the mission of the organization.