Risk management is the set of processes through which management identifies, analyses and, where necessary, responds appropriately to risks that might adversely affect the organisation.

Information risk management is the process of identifying and assessing risk relating to information and information systems, reducing it to an acceptable level, and implementing the right mechanisms to maintain the level of acceptable risk.

The process of information risk management must be repeated indefinitely. It is ongoing and iterative. The choice of countermeasures or controls used to manage information risk must strike a balance between productivity, cost, efficacy and the value of the information asset being protected.

Information Legal services seek to advise and assist clients to reach their chosen balance between risk, adverse postures and aggressive business strategies.