Centro de Documentacion de Fundación MAPFRE - Risk management-risk assessment in European regulation, international guidelines and codes of practice

Publicación: Crete : ENISA, 2007Notas: Sumario: The presented material can be used as a source of reference to existing legal frameworks. This is an inherent counterpart of initial phases of Risk Management / Risk Assessment where the applicable legal framework has to be identified (usually within the activity Definition of External Environment). It comprises one of the main parameters for the evaluation of impact of the assessed risks. The presented material has been grouped in categories according to the horizontal applicability of normative areas, e.g. Data Protection/Privacy, National Security, Civil and Penal Law, Corporate Governance, etc. The vertical applicability according to application areas (e.g. Telecommunications, Financial Services, Health and Commerce Services) has not been considered. This was due to the fact the relevance of legal requirements to application areas may vary according to the security context of information being processed within the application. Thus, vertical aspects seemed not to be stable enough to be use as basis for the classificationMateria / lugar / evento: Gerencia de riesgos Evaluación de riesgos Seguridad de la información Código de Buenas Prácticas Análisis de riesgos Código internacional Unión Europea Otros autores: Dumortier, J.
Graux, Hans
European Network and Informatin Security Agency. Technical Department of Section Risk Management
Otras clasificaciones: 7