Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

Risk Assessment

Welcome to the Risk Assessment Topic!

Collaborate, contribute, consume and create knowledge around topics such as core risk processes, scenarios, risk aggregation and response.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
1265 Members
2 Online
12786 Visits

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Badge: Energizer


NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Discussions: 52 total

Must be a Topic member to contribute
View All »
Hi All, I need some input from you guys as per the above title I am conducting a Risk Assessment for a request from a third party client that wants us to delegate a CNAME from our domain or Add SPF records in our DNS zone I need to describe the r...
tnnadi | 3/9/2017 3:30:12 PM | COMMENTS(0)
Looking for ideas around building a risk assessment schedule. How are your risk assessments initiated? How do you build that into a schedule, at the same time managing ad-hoc requests? What sort of schedule works best for you - system/asset based schedule...
Vivian152 | 2/6/2017 10:17:11 AM | COMMENTS(2)
Hi Risk Community, Good day! I'm looking for a sample list of generic KRI's for IT. I'm currently working on a project to initiate monitoring of KRI's. I was able to do research and obtain understanding of KRI. I have yet to perform an understandi...
Sameer848 | 2/6/2017 9:21:53 AM | COMMENTS(0)
Does anyone have good examples of risk assessment report templates.  I am looking for one that will help me document the results of a risk assessment following the process outlined in NIST SP 800-30: Guide for Conducting Risk Assessments.     Appendix K o...
JBIT83 | 8/27/2016 10:53:38 PM | COMMENTS(2)
Hi guys, Hope you are all keeping well? I am a Masters Student at UKZN. I am presenting conducting a research with Research Title: Managing IT Outsourcing Risks: A case of Manufacturing organisations within South Africa My Research Objectives are as follo...
Abdulbaqi528 | 8/12/2016 5:33:51 AM | COMMENTS(1)
I am working on optimizing our Risk Assessment activities, in the areas of Strategic and Operational Risk.  One of my goals, is to get more quantitative in our approach and develop the capability to articulate risk in dollars (universal language everyone ...
Marvin Agosto | 7/28/2016 12:50:06 PM | COMMENTS(2)

Documents & Publications: 40 total

Must be a Topic member to contribute
View All »
Posted by ISACA 1119 days ago
This article contains a description of a new approach to conducting information security assessments. The new approach eliminates redundant assessments and removes the need to use inherited controls.
Posted by Larry Wlosinski 369 days ago
Posted by ISACA 412 days ago
Posted by ISACA 517 days ago

Events & Online Learning: 6 total

16 Mar 2015
ISACA International Event
Orlando, FL, USA
9 Nov 2015
ISACA International Event
Copenhagen, Denmark
Stay on top of the trends and opportunities of the dynamic technology industry at EuroCACS/ISRM —the leading European conference for IT audit, assurance, security and risk professionals.
1 Aug 2016
ISACA International Event
Chicago, IL, USA
31 Jul 2017
ISACA International Event
Chicago, IL, USA
4 Dec 2017
ISACA International Event
Scottsdale, AZ, USA

Journal Articles: 26 total

Volume 6, 2106
by Venkatasubramanian Ramakrishnan, CISM, CRISC, CHFI
Bayesian networks can capture the complex interdependencies among risk factors and can effectively combine data with expert judgment.
Volume 6, 2016
by Shirali Vyas, CA, ICAI
The 2008 financial crisis and its cascading effects have made it necessary to redefine the supplier risk management norms.
Volume 3, 2016
by Ed Gelbstein, Ph.D.
Every topic can be subdivided into many more sections, but the intention of this column is not to provide a detailed manual (it would be a large book), just an overview.
Volume 3, 2016
by Simon Grima, Ph.D., Robert W. Klein, Ph.D., Ronald Zhao, Ph.D., Frank Bezzina, Ph.D. and Pascal Lélé, Ph.D.
What are the specific risk and opportunities that affect the ability of the organization to create value in the short, medium and long term? How will the organization capitalize on these to obtain a competitive advantage?
Volume 2, 2016
by Ed Gelbstein, Ph.D.
This article provides a map of the IS/IT risk management activities that are auditable and shows how to maintain a collaborative relationship with the ERM team while avoiding conflicts of interest.
Volume 2, 2016
by Jeroen van Lewe, CISA, CEH, CIA, ECSA
In the Netherlands, large-scale cyberattacks on government web sites began in 2011. In 2012, the Dutch government decided to use IT audits as one of the remedies for this issue.

Wikis: 2 total

Blog Posts: 13 total

“Enterprise architecture is now a strategic componentof every forward-thinking organization around the world.”Source: Related Article: Common Perspective on Enterprise Architecture: http://feapo....
Posted By : SA | 1 comments
Let us have positive inspirational slogans for every situation. Last week I started the project meeting like this: I don't know you are all so good at tuning the website. The performance is now is wonderful. I could witness reduction of stress, anxiety an...
Posted By : Jayakumar Sundaram | 1 comments
Dear Community Members,We have established the Topic “Strategic Planning/Alignment” which I believe might be of interest to you. We would like to benefit from your experience and knowledge. Some of you are already members of the topic (which you will find...
Posted By : SA | 1 comments
13 Nov 2014
You are invited to comment on my post in ISACA Now which can be accessed using the following link: Title: From games to government, babies to business--the role of strategyLink: Shahi...
Posted By : SA | 0 comments
Ina fast changing world of business and relentless competition, strategicplanning is not only critical, but also the differentiating factor for anorganization. Since IT has moved from a supportive role to a more strategicrole, the IT Strategic Planning an...
Posted By : SA | 0 comments
Agile technique in software development has been around for quite some time. There have been efforts to adopt the agile techniques for strategic planning, alignment and execution. Following are some of the relevant articles/blog posts in this area. The to...
Posted By : SA | 0 comments