
Information and Risk Management (IRM)

IRM entails procedures that individuals or organizations enact to significantly reduce the vulnerabilities, threats, and consequences of having unprotected data (Stevens, 2015). Following rapid technological growth, cases of computer hacking have become common. These crimes are facilitated by negligence in the management and handling of pertinent information.

Information can be stolen from databases through physical or cyber means. Further, data loss is classified as either intentional or unintentional. An intentional threat occurs when hackers invade an organization's computer systems with malicious intent. An unintentional threat, on the other hand, arises when employees are negligent in handling information, for example by using weak passwords, which creates opportunities for cybercriminals to attack.

Managing information risks should start with the organization understanding all the types of threats facing its databases. Additionally, firms should evaluate the types of vulnerabilities that their IT department could encounter. This should be followed by setting comprehensive IRM strategies, and the approach should commence with creating awareness of the threats among the stakeholders.

Moreover, firms should respond by employing technical controls such as antivirus software, intrusion detection, and firewalls, among others. These approaches could be reinforced by hiring a vendor risk management group mandated to work closely with all third parties. The groups will be informed about the need to observe and abide by the set IRM policies (Whitman, Mattord, & Green, 2013).

In conclusion, in the contemporary world, information is vulnerable to computer criminals such as hackers. It is thus incumbent upon the concerned firms to enact stringent measures that will increase data protection. Vigilant IRM policies should be put in place and observed by all stakeholders.


Has organizational management played a part in the increase in information risk in the modern world?


Stevens, M. (2015). What is Information Risk Management? https://www.bitsight.com/blog/what-is-information-risk-management Retrieved on 23/08/2019

Whitman, M. E., Mattord, H. J., & Green, A. (2013). Principles of incident response and disaster recovery. Cengage Learning.
