Risk Management (3 paragraphs)
From your reading, research, and experience, consider how to define risk management with respect to information security. Examine whether risk management enhances or hinders business objectives and how much security is required for a business to operate securely. How can governance policies and principles be used to inform strategic decisions being made by business organizations and their IT security management professionals? Consider the opposing needs of information security and business objectives within an organization.
Illustrate your position with examples and provide support for your position from at least two relevant sources. Consider opportunities where additional scholarly support could further this discussion. Cite your sources using current APA style and format.