- Risk management frameworks have a common set of core components. They are:
- Program scope
- Information risk objectives
- Information risk policy
- Risk appetite/tolerance
- Roles and responsibilities
- Risk management life-cycle process
- Risk management documentation
- Management review
- For each component, discuss:
- A description of what it is
- The different elements that comprise the component
- How it used to manage risk
