Hardback

Paperback

eBook

Add to GoodReads

Managing Information Risks

Threats, Vulnerabilities, and Responses

William Saffady

Managing Information Risks: Threats, Vulnerabilities, and Responses identifies and categorizes risks related to creation, collection, storage, retention, retrieval, disclosure and ownership of information in organizations of all types and sizes. It is intended for risk managers, information governance specialists, compliance officers, attorneys, records managers, archivists, and other decision-makers, managers, and analysts who are responsible for risk management initiatives related to their organizations’ information assets.

An opening chapter defines and discusses risk terminology and concepts that are essential for understanding, assessing, and controlling information risk. Subsequent chapters provide detailed explanations of specific threats to an organization’s information assets, an assessment of vulnerabilities that the threats can exploit, and a review of available options to address the threats and their associated vulnerabilities. Applicable laws, regulations, and standards are cited at appropriate points in the text. Each chapter includes extensive endnotes that support specific points and provide suggestions for further reading.

While the book is grounded in scholarship, the treatment is practical rather than theoretical. Each chapter focuses on knowledge and recommendations that readers can use to:

heighten risk awareness within their organizations,
identify threats and their associated consequences,
assess vulnerabilities,
evaluate risk mitigation options,
define risk-related responsibilities, and
align information-related initiatives and activities with their organizations’ risk management strategies and policies.

Compared to other works, this book deals with a broader range of information risks and draws on ideas from a greater variety of disciplines, including business process management, law, financial analysis, records management, information science, and archival administration. Most books on this topic associate information risk with digital data, information technology, and cyber security. This book covers risks to information of any type in any format, including paper and photographic records as well as digital content.

Rowman & Littlefield Publishers

Pages: 256 • Trim: 6 x 9

978-1-5381-3548-8 • Hardback • November 2020 • $110.00 • (£85.00)

978-1-5381-3549-5 • Paperback • October 2020 • $55.00 • (£42.00)

978-1-5381-3550-1 • eBook • October 2020 • $52.00 • (£40.00)

Subjects: Language Arts & Disciplines / Library & Information Science / Archives & Special Libraries

Managing Information Risks

Threats, Vulnerabilities, and Responses

Hardback

Paperback

eBook

Summary

Managing Information Risks: Threats, Vulnerabilities, and Responses identifies and categorizes risks related to creation, collection, storage, retention, retrieval, disclosure and ownership of information in organizations of all types and sizes. It is intended for risk managers, information governance specialists, compliance officers, attorneys, records managers, archivists, and other decision-makers, managers, and analysts who are responsible for risk management initiatives related to their organizations’ information assets.

An opening chapter defines and discusses risk terminology and concepts that are essential for understanding, assessing, and controlling information risk. Subsequent chapters provide detailed explanations of specific threats to an organization’s information assets, an assessment of vulnerabilities that the threats can exploit, and a review of available options to address the threats and their associated vulnerabilities. Applicable laws, regulations, and standards are cited at appropriate points in the text. Each chapter includes extensive endnotes that support specific points and provide suggestions for further reading.

While the book is grounded in scholarship, the treatment is practical rather than theoretical. Each chapter focuses on knowledge and recommendations that readers can use to:
- heighten risk awareness within their organizations,
- identify threats and their associated consequences,
- assess vulnerabilities,
- evaluate risk mitigation options,
- define risk-related responsibilities, and
- align information-related initiatives and activities with their organizations’ risk management strategies and policies.
Compared to other works, this book deals with a broader range of information risks and draws on ideas from a greater variety of disciplines, including business process management, law, financial analysis, records management, information science, and archival administration. Most books on this topic associate information risk with digital data, information technology, and cyber security. This book covers risks to information of any type in any format, including paper and photographic records as well as digital content.

Details

Rowman & Littlefield Publishers

Pages: 256 • Trim: 6 x 9

978-1-5381-3548-8 • Hardback • November 2020 • $110.00 • (£85.00)

978-1-5381-3549-5 • Paperback • October 2020 • $55.00 • (£42.00)

978-1-5381-3550-1 • eBook • October 2020 • $52.00 • (£40.00)

Subjects: Language Arts & Disciplines / Library & Information Science / Archives & Special Libraries

Author

William Saffady is a records management and information governance consultant and researcher based in New York City. He is the author of over three-dozen books and many articles on information governance, records management, record retention, document storage and retrieval technologies, library automation, and other information management topics. Dr. Saffady received his B.A. degree from Central Michigan University and his M.A., Ph.D, and M.S.L.S. degrees from Wayne State University. Before establishing his full-time consulting practice, he was a professor of library and information science at the State University of New York at Albany, Long Island University, Pratt Institute, and Vanderbilt University. Dr. Saffady is a Fellow of ARMA International, and he is profiled in the Encyclopedia of Archival Writers, 1515-2015, a reference work published by Rowman & Littlefield in 2019.

Table of Contents

Preface
Chapter 1: Risk Terms and Concepts
Chapter 2: Creation and Collection of Information
Chapter 3: Loss of Information
Chapter 4: Retention of Information
Chapter 5: Retrieval and Disclosure of Information
Chapter 6: Ownership of Information

Reviews

This is the most important, comprehensive, and sensible book available today on information risk management.
Risk managers, information governance specialists, records mangers, compliance officers, and other professionals will appreciate the lifecycle approach taken to address information-related threats and vulnerabilities that arise at any point from information creation through disposition.
The value of the work as a textbook for courses in risk management, information governance and related subjects is undeniable. Those new to both information governance and risk management will appreciate Saffady’s view of risk as a combination of threats, vulnerabilities, and consequences and his assertion that without vulnerability a threat can pose no harm.
All readers will come away with an understanding of information-related threats, vulnerabilities each threat can exploit, and options available to address those threats and associated vulnerabilities.

— Patricia C. Franks, Program Coordinator for the Master of Archives and Records Management, School of Information, San José State University, and author of Records and Information Management

Managing Information Risks

Threats, Vulnerabilities, and Responses

William Saffady

Managing Information Risks

Threats, Vulnerabilities, and Responses

ALSO AVAILABLE