Risk management is an activity which integrates recognition of risk, risk assessment, developing strategies to manage it, and mitigation of risk using managerial resources.

A successful risk management strategy requires a strong internal control environment.

• Objective of risk management is to reduce different risks related to a pre-selected domain to an acceptable.
• This document outlines risk management strategies, policies and procedures and controls common to managing security configurations, assess the adequacy and robustness of it and it’s include which :
• The formal policies dealing with risk measurement and risk reporting
• The global limits of each major based upon an evaluation of the risks
• The effective reporting systems is in place