The five attributes which are believed to make up a
comprehensive and more effective IT security risk
management approach are discussed in this section. These
attributes have been derived through the detailed analysis of
the IT security risk management frameworks discussed in
section 11 of this paper.