Information is a key asset to organizations, so they must apply security measures, policies, procedures, guidelines and also take advantage of good opportunities to leverage business success. This case study aims to verify how information security risk management is presented, according to I.T. manager’s perceptions, in a Brazilian federal public institution. The results demonstrate the relevance of policies, standards, procedures and their implementation as well as roles played by people and their responsibilities aiming greater control of information security risks.
Prof. Dr. Bilal BİLGİN