This study covers risk management in particular for information technology (IT). It discusses the history of risk, the basis for current risk assessment processes used in information technology and the areas of IT risk which are currently neglected by ava