The aim of this book is to demonstrate the use of business-driven risk assessments within the privacy impact assessment process to meet the requirements of privacy laws.

This book introduces the cyber risk investment model, and the cybersecurity risk management framework used within business-driven risk assessments to meet the intent of Privacy and Data Protection Laws. These can be used by various stakeholders who are involved in the implementation of cybersecurity measures to safeguard sensitive data. This framework facilitates an organization’s risk management decision-making process to demonstrate the mechanisms in place to fund cybersecurity measures to comply with Privacy Laws and demonstrates the application of the process by showcasing six case studies. This book also discusses the elements used within the cybersecurity risk management process and defines a strategic approach to minimize cybersecurity risks.

Features:

• Aims to strengthen the reader’s understanding of industry governance, risk and compliance practices
• Incorporates an innovative approach to assess business risk management
• Explores the strategic decisions made by organizations when implementing cybersecurity measures and leverages an integrated approach to include risk management elements