New approach to Risk Management for Small & Medium Enterprises

In order to promote Information Security the the European Network and Information Security Agency – ENISA, has produced an approach that helps Small and Medium Enterprises (SMEs) to understand and apply Risk Management.

The approach targets non-experts from small enterprises that want to introduce Risk Management as an initial step towards installing IT-security in their organizations.

The Document

The approach is available in English, French, Greek, Italian and Spanish from the ENSIA Website.

Feedback

ENISA have feedback from 3 pilot large deployments (Italy, Spain and UK), but are interested to receive any additional feedback that you may have either by trying to apply or by just reading our RM/RA approach.

Please send comments to ENISA’s Expert in Risk Analysis and Magement – Mr Daniele Catteddu.

Future work

ENISA are currently working on an additional version which will be tailored to the needs of Micro Enterprises (MEs), i.e., enterprises with less than 10 emploees.

Add a comment

Posted by: Alan Holding

Posted on: December 1, 2008.

Tags: , , , .

More stuff posted by Alan

More stuff on MDDA

Subscribe to our feed