Section 1. Frameworks and m ethodologies. Chapter 1. An analytical study of methodologies and tools for enterprise information security risk management ; Chapter 2. A step-by-step procedural methodology for improving an organization's it risk management system ; Chapter 3. Strengthening IT governance with COBIT -- Section 2. Regulatory and compliance risks. Chapter 4. Implications of HIPAA and subsequent regulations on information technology ; Chapter 5. Navigating Through choppy waters of PCI DSS compliance -- Section 3. Human and social risks. Chapter 6. Fortifying corporate human wall: a literature review of security awareness and training ; Chapter 7. A tale of policies and breaches: analytical approach to construct social -- Section 4. Technology risks. Chapter 8. Information technology outsourcing risk factors and provider selection ; Chapter 9. Impact of technology innovation: a study on cloud risk mitigation ; Chapter 10. Swimming upstream in turbulent waters: auditing agile development ; Chapter 11. Do privacy concerns affect information seeking via smartphones?