Hypothesis

- Survey results corroborate that the strongest relationship exists between ‘management commitment’ to implement a risk management framework and any possible benefit for the organisation.

- The second and third most important pre-conditions for benefits are ‘infosec development’ and ‘strategic alignment in RM’ i.e. establishing an infosec programme to improve security management enterprise-wide and align all risk management activities with the strategy of the organisation.

- The development of all risk management related fields within the organisation brings benefits to the organisation. Specifically, this is the case for infosec, ERM and ORM.