A simplified approach to Risk Management for SMEs

The aim of this document is to provide a simplified and comprehensive view of risk management/risk assessment for use within small and medium sized enterprises (SMEs). To achieve this goal, the present document has been structured in a modular way. It is made up of various parts each devoted to particular needs of stakeholders involved in the process of risk assessment and risk management. The philosophy behind the generation of this material was to shield (non-expert) users from the complexity of risk management and risk assessment activities. In doing so, some complex security matters have been simplified to the minimum needed to achieve an acceptable security level.