As information technology more and more falls within the range of mutual governance, so management must more and more focus on the management of risk to the success of its business objectives. There are two essential components of effectual management of risk in information and information technology. The primary relates to an organization’s planned deployment of information technology in order to get its mutual goals, the second relates to risks to those assets themselves.