Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

Risk Assessment

Welcome to the Risk Assessment Topic!

Collaborate, contribute, consume and create knowledge around topics such as core risk processes, scenarios, risk aggregation and response.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
1413 Members
1 Online
13901 Visits

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Badge: Energizer


NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Discussions: 55 total

Must be a Topic member to contribute
View All »
Hi members, I am wondering if any of you could share an information gathering questionnaire when evaluating a new vendor or third party. I ran into the SIG Shared Assessment Questionnaire but it seems a bit pricey... Thanks in advance!
danic1979 | 2/9/2018 7:52:22 AM | COMMENTS(0)
Has anyone ever seen mention of the concept of a Disaster Recovery Risk Assessment? Our company has done a risk assessment and we have a Disaster Recovery Plan, but they are separate document though of course related but I had never seen the idea even, o...
Steven373 | 1/30/2018 4:12:26 PM | COMMENTS(4)
I am looking for a risk assessment template for web application security.  
Deidre085 | 12/13/2017 2:39:59 PM | COMMENTS(1)
Hi Risk Community, Good day! I'm looking for a sample list of generic KRI's for IT. I'm currently working on a project to initiate monitoring of KRI's. I was able to do research and obtain understanding of KRI. I have yet to perform an understandi...
Sameer848 | 8/3/2017 10:35:20 AM | COMMENTS(4)
Hi All, I need some input from you guys as per the above title I am conducting a Risk Assessment for a request from a third party client that wants us to delegate a CNAME from our domain or Add SPF records in our DNS zone I need to describe the r...
tnnadi | 3/9/2017 3:30:12 PM | COMMENTS(0)
Looking for ideas around building a risk assessment schedule. How are your risk assessments initiated? How do you build that into a schedule, at the same time managing ad-hoc requests? What sort of schedule works best for you - system/asset based schedule...
Vivian152 | 2/6/2017 10:17:11 AM | COMMENTS(2)

Documents & Publications: 38 total

Must be a Topic member to contribute
View All »
Posted by ISACA 1425 days ago
This article contains a description of a new approach to conducting information security assessments. The new approach eliminates redundant assessments and removes the need to use inherited controls.
Posted by Larry Wlosinski 675 days ago
Posted by ISACA 718 days ago
Posted by ISACA 823 days ago

Events & Online Learning: 5 total

16 Mar 2015
ISACA International Event
Orlando, FL, USA
1 Aug 2016
ISACA International Event
Chicago, IL, USA
4 Jun 2018
ISACA International Event
Philadelphia, PA, USA

Journal Articles: 28 total

Volume 6, 2106
by Venkatasubramanian Ramakrishnan, CISM, CRISC, CHFI
Bayesian networks can capture the complex interdependencies among risk factors and can effectively combine data with expert judgment.
Volume 4, 2017
by Steven De Haes, Ph.D., Anant Joshi, Ph.D., Tim Huygh and Salvi Jansen
IT governance, also referred to as governance of enterprise IT (GEIT) or corporate governance of IT, is a subset of corporate governance that is concerned with enterprise IT assets.
Volume 4, 2017
by Sudhakar Sathiyamurthy, CISA, CRISC, CGEIT, CIPP, ITIL Expert
The trustworthiness of various risk assessment methods in pursuit of risk-based decisions is largely questioned in the marketplace.
Volume 6, 2016
by Shirali Vyas, CA, ICAI
The 2008 financial crisis and its cascading effects have made it necessary to redefine the supplier risk management norms.
Volume 3, 2016
by Ed Gelbstein, Ph.D.
Every topic can be subdivided into many more sections, but the intention of this column is not to provide a detailed manual (it would be a large book), just an overview.
Volume 3, 2016
by Simon Grima, Ph.D., Robert W. Klein, Ph.D., Ronald Zhao, Ph.D., Frank Bezzina, Ph.D. and Pascal Lélé, Ph.D.
What are the specific risk and opportunities that affect the ability of the organization to create value in the short, medium and long term? How will the organization capitalize on these to obtain a competitive advantage?

Wikis: 2 total

Blog Posts: 15 total

Mi primer acercamiento real al Framework (o Marco de Referencia) de ISACA COBIT 5, fue a mediados del año pasado (2016) cuando decidí tomar un curso de examinación para la certificación de COBIT® 5 Foundation (Fundamentos de COBIT 5). La jerga técnica me ...
Posted By : MNUNEZA | 0 comments
Information Security and Privacy is hot issue at present time. Number of security breaches is rapidly increasing.  In case of late detection, costs of breaches are skyrocketing. In the same time Artificial Intelligence (AI), Machine Learning (ML) are fast...
Posted By : Dragan Pleskonjic | 0 comments
“Enterprise architecture is now a strategic componentof every forward-thinking organization around the world.”Source: Related Article: Common Perspective on Enterprise Architecture: http://feapo....
Posted By : SA | 1 comments
Let us have positive inspirational slogans for every situation. Last week I started the project meeting like this: I don't know you are all so good at tuning the website. The performance is now is wonderful. I could witness reduction of stress, anxiety an...
Posted By : Jayakumar Sundaram | 1 comments
Dear Community Members,We have established the Topic “Strategic Planning/Alignment” which I believe might be of interest to you. We would like to benefit from your experience and knowledge. Some of you are already members of the topic (which you will find...
Posted By : SA | 1 comments
13 Nov 2014
You are invited to comment on my post in ISACA Now which can be accessed using the following link: Title: From games to government, babies to business--the role of strategyLink: Shahi...
Posted By : SA | 0 comments