The originality of the book's approach is to elevate the role of risk and security from that of an accessory function, one defined by guidelines, to a key component of organizational design. Risk and Security are revisited through a lens that combines organizational theories and management, the whole seen from the perspective of a framework that enriches the design phase with new tasks to ensure that the resulting information system complies not only with security, but also other requirements.
That organizational theories related to risk can provide considerable support to both the concept and the practice of security and this is meticulously explored in the book, hopefully encouraging other academic analyses of aspects that, thanks to the widespread use of technology that affects us all regardless of time or place, play a key role in our daily life.
The book further rewards us by extending the concept and definition of risk well beyond the realm of information systems to comprise also human resources, assigning critical importance to these latter when it comes to building a well-protected information system.
The book marries the practical and theoretical aspects with a skill that makes it a valuable aid to both research and practice.

Maurizio Cavallari is adjunct professor of Università Cattolica's Faculty of Banking, Finance and Insurance Sciences and Faculty of Economics. A teacher of Information systems for many years, he has actively participated in a number of research projects, including some funded by the European Union. He is currently a member of LSI-SIN (Legal and Security Issues-Special Interest Network) group at Brussels (part of the EU CEPIS agency) and an advisor on Information Technology and Organization, the field he teaches.