Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

 

NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Subscribe to all discussions

Recent Discussions

Supply Chain Risk Assessment

I am researching methods that organisations use to risk assess their third parties. I'm hoping that...

Michael441 @ 6/26/2018 7:30 AM | Comments (0)

Supply Chain Risk Assessment

Third Party/Supply Chain Risk Assessment is an area where a lot of organisations struggle and it is...

Michael441 @ 5/29/2018 2:32 PM | Comments (1)

Risk Assessment Survey Tool

We are looking for a web based tool to survey our executive management team. We would like them to ...

Caitlin663 @ 4/19/2018 8:06 AM | Comments (2)

Application risk assessment

Hello, I am looking for a framework/model for an application risk assessment that I could adopt for...

Parvathy918 @ 4/11/2018 2:56 PM | Comments (5)

Third Party Risk Management Questionnaire

Hi members, I am wondering if any of you could share an information gathering questionnaire when ev...

danic1979 @ 2/9/2018 7:52 AM | Comments (0)

Web Application Security Risk Assessment

I am looking for a risk assessment template for web application security.  

Deidre085 @ 12/13/2017 2:10 PM | Comments (1)

Disaster Recovery Risk Assessment

Has anyone ever seen mention of the concept of a Disaster Recovery Risk Assessment? Our company has...

Steven373 @ 11/10/2017 3:28 PM | Comments (4)

Risk Assessment :Delegating CNAME and Adding SPF Record

Hi All, I need some input from you guys as per the above title I am conducting a Risk Assessment fo...

tnnadi @ 3/9/2017 3:30 PM | Comments (0)

Sample of a generic Key Risk Indicator for IT

Hi Risk Community, Good day! I'm looking for a sample list of generic KRI's for IT. I'm currently w...

Sameer848 @ 2/6/2017 9:21 AM | Comments (4)

IT Risk Assessment Schedule

Looking for ideas around building a risk assessment schedule. How are your risk assessments initiat...

Vivian152 @ 2/3/2017 4:36 AM | Comments (2)

Operational and Strategic Risk

I am working on optimizing our Risk Assessment activities, in the areas of Strategic and Operationa...

Marvin Agosto @ 7/28/2016 1:36 AM | Comments (2)

Looking For An Example Risk Assessment Report Template

Does anyone have good examples of risk assessment report templates.  I am looking for one that will...

JBIT83 @ 7/9/2016 5:53 PM | Comments (2)

In search of a Research framework for the management of ITO Risk

Hi guys,Hope you are all keeping well?I am a Masters Student at UKZN. I am presenting conducting a ...

Abdulbaqi528 @ 5/2/2016 6:01 PM | Comments (1)

Risk Register, is this the right approach?

Hi, we are in the process of an aquisition where we are the smaller of the companies involved. I ha...

David163 @ 5/2/2016 9:45 AM | Comments (2)

IT GRC Tool

Is there a common consensus out there on what GRC tool is best?  I know SAP has one but I can't see...

Christian496 @ 3/28/2016 9:02 PM | Comments (2)

RE: Supply Chain Risk Assessment

Thanks for everybody who has responded and a reminder that there is still time to contribute to the...

Michael441 @ 6/3/2018 7:21 AM

RE: Risk Assessment Survey Tool

Outside a GRC tool, (if your company is using Sharepoint) we've used the survey functionality in Sh...

Stefanie525 @ 4/20/2018 8:48 AM

RE: Risk Assessment Survey Tool

The newest generation of GRC tools have survey modules that do exactly what you're looking for. If ...

Jack_97223 @ 4/19/2018 8:53 PM

RE: Application risk assessment

Hi Parvathy, The IT environment in every bank is complex, also it will be more complex when it come...

Buddhika708 @ 4/18/2018 3:07 PM

RE: Application risk assessment

Hi Parvathy,Perhaps this site might be helpful to your search?https://www.ffiec.gov/default.htm

Joel223 @ 4/17/2018 3:35 PM

RE: Application risk assessment

Also: is application risk assessment driven by recommendation / findings internal or external Audit?

Karin007 @ 4/12/2018 3:57 AM

RE: Application risk assessment

Hello Parvathy, Banks are highly regulated and application risk assessments should go beyond BIA, C...

Karin007 @ 4/12/2018 3:53 AM

RE: Application risk assessment

Hi Parvathy, without knowing too much of your needs I'd go for the NIST 800-30 Guide for Conducting...

Miguel ARENAS @ 4/11/2018 5:37 PM

RE: Disaster Recovery Risk Assessment

Hi Steve, Like you, I have searched for a standard DR risk assessment over the years and have yet t...

Joel223 @ 1/30/2018 4:12 PM

RE: Disaster Recovery Risk Assessment

Jim, Thanks for the response but you were not clear as to whether you were describing the standard ...

Steven373 @ 12/14/2017 12:17 PM

RE: Disaster Recovery Risk Assessment

Years ago, before InfoSec was in vougue, risk assessments were undertaken as part of the business c...

phdad_ccm @ 12/14/2017 11:45 AM

RE: Web Application Security Risk Assessment

Hi Deidre, I recommend starting with OWASP. They don't provide a risk assessment methodology but th...

Jack_97223 @ 12/13/2017 2:39 PM

RE: Disaster Recovery Risk Assessment

Have you tried the following sites/bodies: Disaster Recovery Institute (DRI) International - https:...

Vladimir804 @ 12/11/2017 6:53 PM

RE: Sample of a generic Key Risk Indicator for IT

Thank you for information on Info Security Risk Assessment tool

tmutsambwa @ 8/3/2017 10:35 AM

RE: Sample of a generic Key Risk Indicator for IT

Thanks Charles992. Templates are well structures and good base for developing internal kits.

Karin007 @ 5/3/2017 5:35 AM

COBIT 5 for Risk

Dears,I recently completed an IT Risk Management project for a leading Oil & Gas company in ME ...

Bassil Mohammad @ 8/3/2014 6:09 AM | Comments (14)

List of IT RIsks

Has anyone ever seen a simple list of IT Risks?  I'm not looking for how to do a risk assessment or...

kshauret @ 4/22/2011 12:23 PM | Comments (12)

How to objectively calculate probability when using qualitative risk assessments?

I have read through the CRISC manual and have browsed through COBIT5 for Risk and other Risk IT doc...

Christian496 @ 2/23/2016 9:15 AM | Comments (11)

Probabilities in risk assessment

Do you use probabilities in risk assessment and evaluation? In which manner? Here is my opinion. Ag...

Adrian Munteanu @ 2/27/2014 3:29 AM | Comments (10)

Formal IT Risk Assessment

Has anyone had a formal IT Risk assessment completed by an independent outside entity?  If so, woul...

Tasha809 @ 9/28/2015 1:22 PM | Comments (8)

2013 IT Risk Management Whitepaper

IT RISK MANAGEMENTDRIVERS, CHALLENGES AND ENABLERS FOR AUSTRALIANORGANISATIONS To attain strategic,...

Paras_Shah1 @ 3/22/2013 7:07 AM | Comments (8)

risk mgt software and issue tracking software

Dear friendsif any of you have implemented or used a software for risk management and issue trackin...

M.A.SAIYED @ 6/27/2010 7:42 AM | Comments (7)

CRISC Tutorial Videos

Hi people, I'm a newly practising CISA, and at the sametime preparing to do the CRISC exam in June ...

Wendy B. @ 4/15/2014 7:44 AM | Comments (6)

CRYPTOLOCKER VIRUS

Hello All,Can any one suggest me the preventive actions to implement to reduce the impact on the co...

Namratha683 @ 3/7/2016 11:01 PM | Comments (6)

Application risk assessment

Hello, I am looking for a framework/model for an application risk assessment that I could adopt for...

Parvathy918 @ 4/11/2018 2:56 PM | Comments (5)

Assessing a IT organisation

I am given a task to carry out "Internal Audit" for an IT Organisation . Basically this i...

Vikrant031 @ 10/16/2010 3:30 AM | Comments (5)

Disaster Recovery Risk Assessment

Has anyone ever seen mention of the concept of a Disaster Recovery Risk Assessment? Our company has...

Steven373 @ 11/10/2017 3:28 PM | Comments (4)

FAIR - Open Group

Dears,I would like to get your views, insights, possible success stories on using FAIR (from Open G...

Bassil Mohammad @ 12/3/2013 2:20 PM | Comments (4)

Mobile Banking Risks

Mobile Banking adoption is increasing and the threats associated with the use of smartphones is inc...

Bassil Mohammad @ 9/26/2012 4:25 PM | Comments (4)

Risk Assessment

What is the best risk assessment baseline do you think  to use: COBIT, Risk IT, ISO 27001 or ITIL p...

Bassil Mohammad @ 1/25/2011 9:21 AM | Comments (4)