Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

 

NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Subscribe to all discussions

Recent Discussions

Bitcoin - bubble or not

Is bitcoin a bubble or something to stay for long time? If bitcoin is bubble, when it will burst? H...

Dragan Pleskonjic @ 12/10/2017 9:51 AM | Comments (0)

Risk mgmt agenda examples

Hi members,I institutionalized a Risk Mgmt Comittee in my organization. The comittee is made up of ...

danic1979 @ 12/4/2017 7:37 PM | Comments (2)

Risk in work unit business plans

Work units within organisations commit to annual business plans. Risk assessment is the foundation ...

Roger Lines @ 8/7/2017 6:25 PM | Comments (0)

Operational risk -- what your boss is hearing

Hello all, ISACA's content, such as Risk IT and COBIT are created primarily for you. Yet, wouldn't ...

Brian Barnier @ 8/3/2017 9:58 PM | Comments (3)

SPF records

Do you think it would be ok for your DNS manager to take 5 minutes and add an SPF record so your em...

scheidell @ 5/19/2017 3:30 PM | Comments (1)

Using Service Now for Risk/Compliance Program Mgt

I also posted this question in Service Management but have not heard anything yet.My team runs Risk...

AgVball @ 5/17/2017 3:00 PM | Comments (4)

Exploring fuzzy theory in IT audit risk assessment

I read a research work on "The Development of Audit Detection Risk Assessment System: Usingthe...

ISMAIL683 @ 3/16/2017 7:14 PM | Comments (0)

Risk Management with Artificial Intelligence / Cognitive Technology

Any insights on this topic? ..... I am trying to build a knowledge base in this area of - (1) Risk ...

Adwait @ 2/23/2017 2:40 PM | Comments (4)

Sample of a generic Key Risk Indicator for IT

Hi RM Community, Good day! I'm looking for a sample list of generic KRI's for IT. I'm currently wor...

Sameer848 @ 2/6/2017 9:19 AM | Comments (3)

Spearking of GRC tools - Anyone use Atlassian modules?

As noted in another thread, we are starting to look at GRC tools.  Someone from our PMO office ment...

AgVball @ 1/24/2017 12:05 AM | Comments (3)

Implementing a GRC tool ...

We are about to embark on a project to install a GRC solution.  Are there any existing checklists t...

AgVball @ 1/10/2017 12:27 AM | Comments (26)

Risk Profile for a technology team

Hello All, I work for an offshore unit of a U.S based financial institution as a risk manager. The ...

Victorjoshua @ 12/26/2016 3:05 AM | Comments (2)

Risks list for alla COBIT 5 processes

Do you know if there is a list of risks (IT and non IT) related to each Cobit 5 process?Thankyou

FrancescoM @ 10/20/2016 4:47 AM | Comments (7)

How can strategic project management office in an organization contribute to risk management?

One of the many responsibilities of the SPMO is to develop processes and methodologies for project ...

Muhammad Odeh @ 10/9/2016 3:18 PM | Comments (2)

risk management frameworks

Please can people tell me which risk management frameworks and TOOLS do they use?I.e. NIST, COBIT e...

JayMIET927 @ 8/31/2016 3:17 PM | Comments (12)

RE: Risk mgmt agenda examples

Hi Daniel,I have also recently set up a RM Committee and created a structure for the regular meetin...

IanSimpson Vietnam @ 12/9/2017 3:46 AM

RE: Risk mgmt agenda examples

Hi Daniel, we used to have an agenda like this - Action review (follow-up of tasks assigned to the ...

pbusch @ 12/5/2017 4:30 AM

RE: Using Service Now for Risk/Compliance Program Mgt

I spent about 30 minutes evaluating SNOW for project management. When I discovered that there was n...

Mark368 @ 9/6/2017 7:12 AM

RE: Implementing a GRC tool ...

@mitke could you please send the documents to me on prince.it.analyst@gmail.comThank you,Prince.

Prince174 @ 8/25/2017 5:45 AM

RE: Implementing a GRC tool ...

I am reachable at prince.it.analyst@gmail.com.

Prince174 @ 8/25/2017 5:43 AM

RE: Implementing a GRC tool ...

Hi all, I work with leading insurance firm of Australia, happy to discuss the GRC journey we have c...

Prince174 @ 8/25/2017 1:28 AM

RE: Using Service Now for Risk/Compliance Program Mgt

Hi Shirley, Our platform - STORM Cyber Risk Management utilizes all cyber risk and compliance manag...

mitke @ 8/25/2017 12:28 AM

RE: Implementing a GRC tool ...

Hi Shirley. I replied to your other post too. How far have you gotten on your selection? We just ha...

Vincent084 @ 8/24/2017 1:14 PM

RE: Using Service Now for Risk/Compliance Program Mgt

Hi Shirley - ServiceNow has a GRC module. Have you looked into that?

Vincent084 @ 8/24/2017 1:04 PM

RE: Operational risk -- what your boss is hearing

Hi Brian, the videos were very short but included some of the right sentences. Looking forward to r...

Roger Lines @ 8/8/2017 5:12 AM

RE: Operational risk -- what your boss is hearing

Hi, you are most welcome. That's a great thing about ISACA, so many helpful people around the world...

Brian Barnier @ 8/5/2017 3:26 PM

RE: Operational risk -- what your boss is hearing

 Thank you. You are always so supportive and with so much valuable knowledge when it comes to ISACA...

Taty @ 8/4/2017 1:49 AM

RE: Implementing a GRC tool ...

Hello, I'm interested in the GRC checklist as well. Please send to john.lashley [at] Gmail.Currentl...

John036 @ 8/3/2017 5:24 PM

Implementing a GRC tool ...

We are about to embark on a project to install a GRC solution.  Are there any existing checklists t...

AgVball @ 1/10/2017 12:27 AM | Comments (26)

Risk Acceptance

HelloWhen doing an assessment for a new solution or system, and you identify critical, high, med, a...

Elsayed @ 9/8/2015 4:52 AM | Comments (17)

Threats and vulnerabilities

According to one of the answers on a CRISC practice question, vulnerabilities can be reduced but ne...

Hannah656 @ 12/7/2014 7:24 AM | Comments (16)

CRISC Certification

Hello Everyone, I have enrolled myself for CRISC certification in December. In order to prepare mys...

Rohit131 @ 8/31/2014 12:04 AM | Comments (15)

Vendor Risk Management

My company is looking to expand our Vendor Risk Management program and in order to build a business...

Tera075 @ 1/26/2015 11:41 AM | Comments (13)

risk management frameworks

Please can people tell me which risk management frameworks and TOOLS do they use?I.e. NIST, COBIT e...

JayMIET927 @ 8/31/2016 3:17 PM | Comments (12)

Risk Management:setting risk appetite

How do you set the level at which the risk score will not be acceptable to management if higher tha...

Michael043 @ 3/30/2011 8:04 AM | Comments (12)

IT Audit Strategy

Need some guidance here. I've been tasked with getting started on performing some IT Audits of our ...

Carl097 @ 11/5/2014 3:46 PM | Comments (12)

IT Risk and IT Operational Risk

Hello , Can anyone please tell me what is exact difference between IT risk and IT Operational Risk ...

Kapil Dixit @ 10/11/2012 4:22 AM | Comments (11)

How to align between IT Audit, IT Assurance and Information Security(Infosec)

Hello, all. I would really like to get/have your expert view on this title. Lets say in an organisa...

Taty @ 9/11/2012 1:41 AM | Comments (11)

Does Risk Management lead to Corporate Value?

Dear Colleague, I am surveying all professionals who use risk management techniques for a significa...

Ricardo443 @ 8/3/2015 2:46 PM | Comments (10)

risk assessment

risk assessment

Robeiiiiiiii @ 12/16/2010 2:41 PM | Comments (10)

Risk impact and absence of controls

During a recent risk assessment we had a topic arise regarding the consideration of impact in risk....

Gregory461 @ 6/7/2015 8:42 PM | Comments (10)

Vendor Risk Management

Many companies vet the vendors before they bring them onboard to understand the value as well as th...

Devashish041 @ 10/23/2015 4:20 PM | Comments (10)

Risk Scenarios

"ISACA today issued new guidance providing six steps to using risk scenarios for improved risk...

JasonY @ 9/24/2014 7:40 AM | Comments (9)