The serious and ever-changing nature of today"s security threats demand a strategic-minded response, and a successful CISO will always be thinking about how to gain business objectives through enabling technology while properly managing risk.

This pocket guide emphasises the importance of a suitable information security management system (ISMS) and the risk management methodolgy that should be at its heart.