The paper considers and discusses two closely relatedconcepts and process, namely Risk Management and SecurityManagement. Practically, there is a tendency to consider RiskManagement as a plenty process capable to protect informationassets. Based on the literature and international standards, thepaper gives an overview of all the aspects and activities related toboth processes. Risk Management and Security Management areanalyzed in order to point out their particularities andsimilitudes. The paper aims to clarify both concepts focusing onan operational, organizational and conceptual point of view byexplaining which are the differences and why these two processcan not been conceived or operated separately.