Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

Risk Assessment

Welcome to the Risk Assessment Topic!

Collaborate, contribute, consume and create knowledge around topics such as core risk processes, scenarios, risk aggregation and response.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
1064 Members
1 Online
11314 Visits

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Badge: Energizer


NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Discussions: 47 total

Must be a Topic member to contribute
View All »
Hi guys, Hope you are all keeping well? I am a Masters Student at UKZN. I am presenting conducting a research with Research Title: Managing IT Outsourcing Risks: A case of Manufacturing organisations within South Africa My Research Objectives are as follo...
Abdulbaqi528 | 5/2/2016 6:01:13 PM | COMMENTS(0)
Hi, we are in the process of an aquisition where we are the smaller of the companies involved. I have been working with the IT team of the larger entity for about a month and am finding that I have no confidence that they are serious about the security of...
David163 | 5/2/2016 11:32:00 AM | COMMENTS(2)
Has anyone had a formal IT Risk assessment completed by an independent outside entity?  If so, would you be willing to share your experience?  We plan to focus primarily on system applications originally. Thanks in advance for any assistance!
Tasha809 | 4/28/2016 6:26:50 AM | COMMENTS(8)
Is there a common consensus out there on what GRC tool is best?   I know SAP has one but I can't seem to find articles or anything that suggests, "Hey, this is the GRC tool everyone is using".
Christian496 | 3/30/2016 4:21:31 AM | COMMENTS(2)
Hello All, Can any one suggest me the preventive actions to implement to reduce the impact on the computer or server affected from cyrptolocker virus.
Namratha683 | 3/9/2016 8:51:53 AM | COMMENTS(6)
Can you share your thoughts how can organization aggregate IT risk using data (quantitative and qualitative risk) from various risk assessments performed (RCSA, IT Sox testing, Internal Audit, Application Assessment etc) and provide a holistic view of org...
Saqib070 | 3/8/2016 3:16:23 PM | COMMENTS(0)

Documents & Publications: 71 total

Must be a Topic member to contribute
View All »
Posted by ISACA 792 days ago
This article contains a description of a new approach to conducting information security assessments. The new approach eliminates redundant assessments and removes the need to use inherited controls.
Posted by Larry Wlosinski 41 days ago
Posted by ISACA 85 days ago
Posted by ISACA 130 days ago
Posted by ISACA 190 days ago

Events & Online Learning: 5 total

14 Oct 2013
ISACA International Event
Boston, MA, USA
11 Aug 2014
ISACA International Event
Seattle, WA, USA
9 Nov 2015
ISACA International Event
Copenhagen, Denmark
Stay on top of the trends and opportunities of the dynamic technology industry at EuroCACS/ISRM —the leading European conference for IT audit, assurance, security and risk professionals.
1 Aug 2016
ISACA International Event
Chicago, IL, USA

Journal Articles: 24 total

Volume 3, 2016
by Ed Gelbstein, Ph.D.
Every topic can be subdivided into many more sections, but the intention of this column is not to provide a detailed manual (it would be a large book), just an overview.
Volume 3, 2016
by Simon Grima, Ph.D., Robert W. Klein, Ph.D., Ronald Zhao, Ph.D., Frank Bezzina, Ph.D. and Pascal Lélé, Ph.D.
What are the specific risk and opportunities that affect the ability of the organization to create value in the short, medium and long term? How will the organization capitalize on these to obtain a competitive advantage?
Volume 2, 2016
by Ed Gelbstein, Ph.D.
This article provides a map of the IS/IT risk management activities that are auditable and shows how to maintain a collaborative relationship with the ERM team while avoiding conflicts of interest.
Volume 2, 2016
by Jeroen van Lewe, CISA, CEH, CIA, ECSA
In the Netherlands, large-scale cyberattacks on government web sites began in 2011. In 2012, the Dutch government decided to use IT audits as one of the remedies for this issue.
Volume 2, 2016
by Shubhamangala B. R. and Snehanshu Saha, Ph.D.
Why are breaches continuing despite deploying cutting-edge solutions supported by compliance to thwart the attacks?
Volume 2, 2016
by David Eduardo Acosta R., CISA, CISM, CRISC, BS 25999 LA, CCNA Security, CHFI Trainer, CISSP Instructor, OPST, PCI QSA
The typical postincident cliché assumes that misfortunes are opportunities. Instead, one can methodically prepare using the correct tools to implement a realistic and objective perspective...

Wikis: 2 total

Blog Posts: 13 total

Let us have positive inspirational slogans for every situation. Last week I started the project meeting like this: I don't know you are all so good at tuning the website. The performance is now is wonderful. I could witness reduction of stress, anxiety an...
Posted By : Jayakumar Sundaram | 0 comments
Dear Community Members,We have established the Topic “Strategic Planning/Alignment” which I believe might be of interest to you. We would like to benefit from your experience and knowledge. Some of you are already members of the topic (which you will find...
Posted By : SA | 1 comments
13 Nov 2014
You are invited to comment on my post in ISACA Now which can be accessed using the following link: Title: From games to government, babies to business--the role of strategyLink: Shahi...
Posted By : SA | 0 comments
“Enterprise architecture is now a strategic componentof every forward-thinking organization around the world.”Source: Related Article: Common Perspective on Enterprise Architecture: http://feapo....
Posted By : SA | 0 comments
Ina fast changing world of business and relentless competition, strategicplanning is not only critical, but also the differentiating factor for anorganization. Since IT has moved from a supportive role to a more strategicrole, the IT Strategic Planning an...
Posted By : SA | 0 comments
Agile technique in software development has been around for quite some time. There have been efforts to adopt the agile techniques for strategic planning, alignment and execution. Following are some of the relevant articles/blog posts in this area. The to...
Posted By : SA | 0 comments