'Information and IT Risk Management in a Nutshell'. The outstanding value of this book is the smart combination of methods and practical guidelines into one handy book. This reference manual is based on the substantial applied experience of the author. Like Andreas' earlier publications, 'The project is dead... long live the project! (2004)' and 'Der Software-Testprozess für IT-Manager (2002)', this one is also a pragmatic guide. Many books have been written about Information Security. Most of them are thick and scientific. Here comes the down-to-earth answer for implementers. For those dealing with risks in Information or IT Management this guide is useful in multiple ways: The reader gets a deep insight into applied Information and IT risk management and it helps to build and maintain a well functioning Information and IT risk management system.