IT RISK MANAGEMENT DRIVERS, CHALLENGES AND ENABLERS FOR AUSTRALIAN ORGANISATIONS
To attain strategic, program and operational objectives, most organisations rely on the right IT services to be delivered at the right time. This is only possible if IT risks hav...
|
Has anyone ever seen a simple list of IT Risks? I'm not looking for how to do a risk assessment or how to define a risk universe. I'm trying to see what people have created for risks that they would typically assess in a risk assessment when applied in ...
kshauret | 2/4/2013 4:22:49 PM | COMMENTS(8)
|
I am interested in knowing how others decide which risk assessments to perform each year. As we go through our annual planning process and try to justify adding staff, leadership asks for metrics and benchmarks on the following: Should we perform security ...
Jeff973 | 11/29/2012 7:33:48 AM | COMMENTS(0)
|
Please welcome Kenneth Newman, CRISC, CISM, PMP, ITIL to the Risk Assessment topic. Kenneth will be presenting the session “Security Risk-managed Vendor Due Diligence” at the North America ISRM/IT GRC conference in Las Vegas, Nevada, USA, 14-16 November 2...
|
Mobile banking adoption is increasing, and the threats associated with the use of smartphones are increasing as well. How do you think this risk can be addressed from the consumer perspective?
|
In the absence of clear direction and distinction on what existing IT frameworks are used for, supported by market trends and demands, and the well known behavior of just following Big adaptors, many organizations are requesting TOGAF implementation. I wa...
|
16 Sep 2013
ISACA International Event
London, England
Stay on top of the trends and opportunities of the dynamic technology industry at EuroCACS/ISRM 2013 in Berlin—the leading European conference for IT audit, assurance, security and risk professionals. Save over US $200 when you register by 22 July!
|
14 Oct 2013
ISACA International Event
Boston, MA, USA
|
6 Nov 2013
ISACA International Event
Las Vegas, NV, USA
North America ISRM is a multidimensional event featuring security and risk content, and the security programs, tools and the resources you need to be responsive to industry changes.
|
Volume 2, 2013
by Brian Vazzana, CISA, CICA, CPA.CITP
This article guides the IT professional through the mind and methodology of the IS auditor with a specific focus on procedures performed by external auditors.
|
Volume 6, 2012
by Mukul Pareek, CISA, ACA, AICWA, PRM
In the world of market and credit risk, scenario analysis is used as a part of stress testing.
|
Volume 1, 2012
by Ronke Oyemade, CISA, CRISC, PMP
This article defines IT governance, addresses its importance, and describes how to apply the three lines of defense by implementing a combination of the Risk IT and COBIT frameworks.
|
Volume 6, 2010
by Jose Luis Carrera Jr., CFE, CIA
Carrera has more than 19 years of international auditing and internal auditing experience, which he gained from his positions at RSM McGladrey & Pullen LLP, Singer Lewak Greenbaum & Goldstein, PwC, and Saudi Arabian Oil Company.
|
Volume 6, 2010
by Brian G. Barnier, CGEIT
The goal of this article is to empower readers with tips to improve funding allocation and to better demonstrate benefit.
|
Volume 5, 2010
by Rajesh Kapur, CISA, FIETE, MIE
BSC has the potential to oversee the mechanism of converting a long-term strategic plan into sets of immediately doable activities.
|
These links, which have been contributed by site users, link to external third-party web sites. ISACA has not evaluated these web sites and accepts no responsibility for their suitability, security or privacy practices.
Will your business keep running if the lights go out? Implementing contingent controls is an important but sometimes overlooked aspect of ensuring business continuity and disaster recovery.
Contributed by ISACA on 29 May 2010
|
Budget, time and staff limitations require companies to be selective about information security spending. How do you determine where to focus security improvement efforts? Enterprises with mature security programs may have a formal risk management process to assist with this task. Midmarket organizations, on the other hand, tend to be more tactical about their decisions.
Contributed by ISACA on 29 May 2010
|
Traditional approaches to risk management emphasize mitigation, focusing on the readily apparent risks facing a company in the areas of security, privacy, credit, regulatory, technology, fraud and more. These threats are, of course, important and must be addressed.
Contributed by ISACA on 29 May 2010
|
Firms that were more confident in their IT risk management capabilities reported more control … and enjoyed significantly better relationships between the IT organization and business executives.
Contributed by ISACA on 29 May 2010
|
Our guide, a risk assessment primer for midmarket CIOs, addresses the various types of risks within the IT department and how they can be mitigated. Learn more about how CIOs can address risk within disaster recovery, data management and project management, using the tools and resources available here.
Contributed by ISACA on 29 May 2010
|
Organizations that do not perform a threat and risk analysis are leaving themselves open to situations that could disrupt, damage or destroy their ability to conduct business.
Contributed by ISACA on 29 May 2010
|
Case Studies Based On Real World Experience
All OIC Member Contractors have the option to participate in a new component of our Oracle Governance, Risk and Compliance (GRC) training called OIC GRC Reality. You will have an opportunity to participate...
Posted By : RogerDrolet | 4 comments
|
On March 1st, I was invited to speak at the CampIT conference on Enterprise Risk/Security Management at Rosemont Convention Center.
Before me there were two speakers. The first presenter spent an hour presenting the story from the trenches of technolog...
Posted By : Umesh391 | 1 comments
|
|
Posted By : masarker | 0 comments
|
The UK’s Bribery Act 2010 (the Act), which will come into force on 1 July 2011, represents a strengthening of the UK position on bribery and corruption and an important development in global anti-bribery legislation. But what exactly is considered to be a brib...
Posted By : Guido2005 | 0 comments
|
I want to welcome you to the OIC Oracle GRC Blog. The Oracle Independent Consultants (OIC) LLC is an Oracle Gold Partner. The OIC operates as a virtual international Oracle Governance, Risk and Compliance (GRC) Solutions Provider. We focus ...
Posted By : RogerDrolet | 0 comments
|
Some time back I came across this paper from ENISA and found it really informative. While cloud computing is still an emerging market, I feel it is worth reviewing this risk assessment & it should be reviewed if you are a Cloud Provider, Cloud Customer, ve...
Posted By : Varun | 0 comments
|