Write a paper where you:
Define risk management and information security clearly. Discuss how information security differs from information risk management.
Explain security policies and how they factor into risk management.
Describe at least two responsibilities for both IT and non-IT leaders in information risk management.
Describe how a risk management plan can be tailored to produce information and system-specific plans.