Most organizations adopt either NIST or ISO 27005 frameworks to demonstrate to auditors and regulators that they have a sound risk management program. But Gartner recommends organizations to adopt an approach that best fits their needs, requirements, objectives, and culture, and allows risk to inform all business decisions — particularly cyber and IT risk decisions.
Find out more with this complimentary copy of Gartner® report, Ten Cyber and IT Risk Fundamentals You Must Get Right, from analysts Claude Mandy and Jie Zhang.
The report discusses:
- The importance of creating a cyber risk strategy to meet the needs of your customers, regulators, and the board
- What is security risk assessment and how to use the right one, along with appropriate controls
- The essentials of a sound and successful cyber and IT risk management program
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Gartner, Ten Cyber and IT Risk Fundamentals You Must Get Right,By Claude Mandy, Jie Zhang, 19 October 2021
