10 key answers about the importance of risk analysis and information security plan for senior managers

Information security has long been considered a secondary IT function. Besides, as it is critical for the senior management of an organization to be involved in the decision making process regarding the selection of computer security countermeasures, this research will answer to the key questions which clarify the importance and necessity of the implementation of information security plan to senior managers. In the next step, this research takes a pragmatic view of the different components of an effective security plan, and provides a perspective on how enterprises serious about their information security plan then we indicate the “position” of a risk analysis study within the overall information security plan of an organization by a methodology that called RS methodology, and finally show how the results of a risk analysis study are to be used in determining countermeasures.