Voorwoord 7

1 Information Risk Management in de praktijk 9

2 Enterprise Security Architecture 23

3 IT-Compliance 33

4 Business Continuity Management (BCM) 47

5 Identity & Access Management 61

6 Information Security Governance 75

7 Role Based Access Control als onderdeel van IAM 85

8 Social engineering 95

9 Technical Auditing 109

10 Coso en Internal environment 119

Literatuur 129

Auteurs 133

Over Atos Consulting 137