Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

 

NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Subscribe to all discussions

Recent Discussions

Disaster Recovery Risk Assessment

Has anyone ever seen mention of the concept of a Disaster Recovery Risk Assessment? Our company has...

Steven373 @ 11/10/2017 3:28 PM | Comments (1)

Risk Assessment :Delegating CNAME and Adding SPF Record

Hi All, I need some input from you guys as per the above title I am conducting a Risk Assessment fo...

tnnadi @ 3/9/2017 3:30 PM | Comments (0)

Sample of a generic Key Risk Indicator for IT

Hi Risk Community, Good day! I'm looking for a sample list of generic KRI's for IT. I'm currently w...

Sameer848 @ 2/6/2017 9:21 AM | Comments (4)

IT Risk Assessment Schedule

Looking for ideas around building a risk assessment schedule. How are your risk assessments initiat...

Vivian152 @ 2/3/2017 4:36 AM | Comments (2)

Operational and Strategic Risk

I am working on optimizing our Risk Assessment activities, in the areas of Strategic and Operationa...

Marvin Agosto @ 7/28/2016 1:36 AM | Comments (2)

Looking For An Example Risk Assessment Report Template

Does anyone have good examples of risk assessment report templates.  I am looking for one that will...

JBIT83 @ 7/9/2016 5:53 PM | Comments (2)

In search of a Research framework for the management of ITO Risk

Hi guys,Hope you are all keeping well?I am a Masters Student at UKZN. I am presenting conducting a ...

Abdulbaqi528 @ 5/2/2016 6:01 PM | Comments (1)

Risk Register, is this the right approach?

Hi, we are in the process of an aquisition where we are the smaller of the companies involved. I ha...

David163 @ 5/2/2016 9:45 AM | Comments (2)

IT GRC Tool

Is there a common consensus out there on what GRC tool is best?  I know SAP has one but I can't see...

Christian496 @ 3/28/2016 9:02 PM | Comments (2)

IT Risk Aggregation

Can you share your thoughts how can organization aggregate IT risk using data (quantitative and qua...

Saqib070 @ 3/8/2016 3:16 PM | Comments (0)

CRYPTOLOCKER VIRUS

Hello All,Can any one suggest me the preventive actions to implement to reduce the impact on the co...

Namratha683 @ 3/7/2016 11:01 PM | Comments (6)

Social Media Threat

Dear all,I will appreciate if anyone can assist me with a document on social media threat

MONSURU660 @ 3/1/2016 3:25 AM | Comments (2)

How to objectively calculate probability when using qualitative risk assessments?

I have read through the CRISC manual and have browsed through COBIT5 for Risk and other Risk IT doc...

Christian496 @ 2/23/2016 9:15 AM | Comments (11)

Risk and Politics!

This article makes an interesting point about the duty of risk professionals to operate with integr...

Phil Green @ 1/11/2016 4:33 AM | Comments (0)

Cloud Services Risk Assessment

Has anyone been party to a risk assessment of a cloud service? Is there anything you can share on y...

Phil Green @ 10/31/2015 5:35 AM | Comments (0)

RE: Disaster Recovery Risk Assessment

Have you tried the following sites/bodies: Disaster Recovery Institute (DRI) International - https:...

Vladimir804 @ 12/11/2017 6:53 PM

RE: Sample of a generic Key Risk Indicator for IT

Thank you for information on Info Security Risk Assessment tool

tmutsambwa @ 8/3/2017 10:35 AM

RE: Sample of a generic Key Risk Indicator for IT

Thanks Charles992. Templates are well structures and good base for developing internal kits.

Karin007 @ 5/3/2017 5:35 AM

RE: Sample of a generic Key Risk Indicator for IT

Hi Yogesh, "Information Security Risk Assessment Toolkit " The resource page ( http://sec...

Charles992 @ 4/28/2017 8:52 AM

RE: Sample of a generic Key Risk Indicator for IT

There could be many KRIs for IT. Which areas of IT are you specifically looking at to start with ?

YOGESH KHANDALE @ 4/28/2017 1:32 AM

RE: IT Risk Assessment Schedule

Thanks. That helps a lot. I wasn't too far off. I've always used a system-based approach, but speci...

Vivian152 @ 2/6/2017 10:17 AM

RE: IT Risk Assessment Schedule

Hi,Based on personal experience, I'd say the schedule depends on how you manage time. Normally, I s...

Twinkle156 @ 2/3/2017 7:38 AM

RE: Looking For An Example Risk Assessment Report Template

Also - I don't know if this article would help - at a very high level.http://www.tripwire.com/state...

AgVball @ 8/27/2016 10:53 PM

RE: Looking For An Example Risk Assessment Report Template

I just googled and found a couple of examples that popped up on the first page.  I believe they are...

AgVball @ 8/27/2016 10:35 PM

RE: In search of a Research framework for the management of ITO Risk

Hey The world over uses ISO27001/27002 as a question set when seeking assurances over 3rd parties a...

Tony L @ 8/12/2016 5:33 AM

RE: Operational and Strategic Risk

Hello Jack!Thank you for the quick response.  Yes please, I will appreciate the introduction.  Plea...

Marvin Agosto @ 7/28/2016 12:50 PM

RE: Operational and Strategic Risk

Hello Marvin,You heard correctly that FAIR can be used to analyze operational/strategic risk.  I'd ...

RMIJones @ 7/28/2016 8:08 AM

RE: FAIR - Open Group

I am very interested as well. I work in an advisory capacity to program managers who are used to us...

Joshua002 @ 7/28/2016 7:03 AM

RE: FAIR - Open Group - hope for FAIR users to share experience

Hello, I hope for FAIR methodology/ approach users to share experience. Am working in IT Risk asses...

Karin007 @ 7/28/2016 2:13 AM

RE: FAIR - Open Group

I am very interested in this topic thread as well.  I am working on optimizing our Risk Assessment ...

Marvin Agosto @ 7/28/2016 1:17 AM

COBIT 5 for Risk

Dears,I recently completed an IT Risk Management project for a leading Oil & Gas company in ME ...

Bassil Mohammad @ 8/3/2014 6:09 AM | Comments (14)

List of IT RIsks

Has anyone ever seen a simple list of IT Risks?  I'm not looking for how to do a risk assessment or...

kshauret @ 4/22/2011 12:23 PM | Comments (12)

How to objectively calculate probability when using qualitative risk assessments?

I have read through the CRISC manual and have browsed through COBIT5 for Risk and other Risk IT doc...

Christian496 @ 2/23/2016 9:15 AM | Comments (11)

Probabilities in risk assessment

Do you use probabilities in risk assessment and evaluation? In which manner? Here is my opinion. Ag...

Adrian Munteanu @ 2/27/2014 3:29 AM | Comments (10)

Formal IT Risk Assessment

Has anyone had a formal IT Risk assessment completed by an independent outside entity?  If so, woul...

Tasha809 @ 9/28/2015 1:22 PM | Comments (8)

2013 IT Risk Management Whitepaper

IT RISK MANAGEMENTDRIVERS, CHALLENGES AND ENABLERS FOR AUSTRALIANORGANISATIONS To attain strategic,...

Paras_Shah1 @ 3/22/2013 7:07 AM | Comments (8)

risk mgt software and issue tracking software

Dear friendsif any of you have implemented or used a software for risk management and issue trackin...

M.A.SAIYED @ 6/27/2010 7:42 AM | Comments (7)

CRISC Tutorial Videos

Hi people, I'm a newly practising CISA, and at the sametime preparing to do the CRISC exam in June ...

Wendy B. @ 4/15/2014 7:44 AM | Comments (6)

CRYPTOLOCKER VIRUS

Hello All,Can any one suggest me the preventive actions to implement to reduce the impact on the co...

Namratha683 @ 3/7/2016 11:01 PM | Comments (6)

Assessing a IT organisation

I am given a task to carry out "Internal Audit" for an IT Organisation . Basically this i...

Vikrant031 @ 10/16/2010 3:30 AM | Comments (5)

FAIR - Open Group

Dears,I would like to get your views, insights, possible success stories on using FAIR (from Open G...

Bassil Mohammad @ 12/3/2013 2:20 PM | Comments (4)

Mobile Banking Risks

Mobile Banking adoption is increasing and the threats associated with the use of smartphones is inc...

Bassil Mohammad @ 9/26/2012 4:25 PM | Comments (4)

Risk Assessment

What is the best risk assessment baseline do you think  to use: COBIT, Risk IT, ISO 27001 or ITIL p...

Bassil Mohammad @ 1/25/2011 9:21 AM | Comments (4)

Sample of a generic Key Risk Indicator for IT

Hi Risk Community, Good day! I'm looking for a sample list of generic KRI's for IT. I'm currently w...

Sameer848 @ 2/6/2017 9:21 AM | Comments (4)

Risk of using unsupported software features

Undocumented features are frequently found in software releases. Software suppliers generally left ...

Muhammad614 @ 3/18/2014 2:04 AM | Comments (3)