The Purpose of Risk Management

1250 Words5 Pages
Executive Summary Dear Client: Thank you for your call and concerns about the issue of Data integrity for your company, IMP Inc. As your professional security consultant, I am happy to provide a brief overview of the issue for you, the identification of risks associated with data storage and use, and a matrix to categorize and assess additional risks of which we should be aware. As I understand it, IMP is concerned about the potential for data leaks that might expose your organization to financial loss, damaged reputation, and even legal action. You brought up news stories about companies being charged with negligence in their storage of confidential information, peer-to-peer file sharing applications, e-mail privacy, and other employee issues. We recently ran a brief audit at IMP and find that many of your concerns are clearly well-founded and require attention. For instance, IMP's Marketing Department uses peer-to-peer file sharing applications to distribute promotional material to potential customers, a clear benefit to the potential client and a boon to sales, but at the same time, a somewhat dangerous path into your system. The concept of risk management is a broad term that is designed as a way to quantitatively assess risks within an organization, and set priority and likelihood of those risks.. The purpose of risk management is to be proactive in improving places or processes within an organization that may have risks that can be mitigated or controlled and
Open Document