Risk Management

Welcome to the Risk Management topic!

Collaborate, contribute, consume and create knowledge around topics such as Risk Management, Risk Governance, Risk Profile, Governance Risk & Compliance (GRC), & CRISC.

Community Leader

Brian Barnier

Discussions: 175 total

Please can people tell me which risk management frameworks and TOOLS do they use? I.e. NIST, COBIT etc. Thanks in advance
JayMIET927 | 9/20/2016 3:16:44 PM | COMMENTS(9)
Good Day, I have authored a book titled The Money Laundering and Financing of Terrorism and the relevant link is provided below. Regards, Kannan. Member: Institute of Chartered Accountants of India; Association of Certified Anti-Money Laundering Specialists USA...
rskannan | 9/8/2016 1:08:14 PM | COMMENTS(1)
Hello, I am trying to build and come up with a structured, documented method for testing IT controls. From the IT Risk Registers, which are already in place, how best to go about it? I have seen that from an Operational Risk perspective they have what's called RCA (Risk Co...
Taty | 8/19/2016 11:58:48 AM | COMMENTS(9)
rskannan | 8/11/2016 10:54:32 AM | COMMENTS(0)
Dear Friends, I wrote a book with the captioned title and it was released last year. The process approach was appreciated by people who grasped the nuances of COSO and CoBit. Operational Risk practitioners found it useful to improve systems to gather data a...
rskannan | 7/19/2016 9:20:15 AM | COMMENTS(0)
Join us in August for the GRC Conference! I believe that everyone could learn something from attending. Located at the Diplomat Resort and Spa in Florida. Follow the link for more information.
Gerri Anne Redmond | 6/14/2016 11:17:24 AM | COMMENTS(0)

Documents & Publications: 113 total


Events & Online Learning: 13 total

Journal Articles: 164 total

Volume 5, 2016
by Karina Korpela, CISA, CISM, CRISC, CISSP, PMP, and Paul Weatherhead, CISSP
Once approval to perform an information security audit and, most likely, a penetration test (pen-test) of an organization’s networks and systems has been obtained, then what?
Volume 5, 2016
by Steven J. Ross, CISA, CISSP, MBCP
Still having a base in IS/IT auditing, ISACA now encompasses consultants, educators, IS security professionals, risk professionals, chief information officers and internal auditors
Volume 5, 2016
by Tom Pendergast, Ph.D.
Despite a wealth of preventive measures, employees remain one of the costliest vectors in a number of data breaches and security incidents, which are increasing at an alarming rate.
Volume 5, 2016
by John W. Lainhart IV, CISA, CISM, CGEIT, CRISC, CIPP/G, CIPP/US, Zhiwei Fu, Ph.D., CISA, CGEIT, CRISC, CFE, CISSP, ITIL, PMP and Christopher M. Ballister, CISM, CGEIT, CRISC
Organizations need to move toward a more holistic and proactive approach to addressing security threats and managing compliance requirements in today’s information-driven economy.
Volume 4, 2016
by Daniel Schatz, CISM, CCSK, CISSP, CSyP, CVSE, ISO 27001 LA/LI, MCITP-EA
The topic of information security has evolved to one of the top concerns among policymakers and corporations. Leaders demand answers from their support structures as to how such risk can be effectively managed.
Volume 4, 2016
An APT is a specific targeted and sophisticated attack that keeps coming after the victim and is not easily stopped by a defensive program.

Wikis: 2 total

Blog Posts: 110 total

Some exciting projects coming. I am working on reworking our managed health care system to include an all online process from doctor prescribed prescriptions to filled prescriptions. I have been reaching out to technology companies and politicians to see if ...
Posted By : Gerri Anne Redmond | 0 comments
National Cyber Security Awareness Month is approaching. It is October. I will be providing some fun things for you to research and learn. Check back often. Look at the Homeland Security site for additional tips.
Posted By : Gerri Anne Redmond | 0 comments
6 Sep 2016
Hi everyone - I hope you can help me with my questions: I passed my CISA exam last October; with my work experience combined with my educational background, I am able to save 3 years from the requirement to get my CISA designation, but I am lac...
Posted By : Lan234 | 1 comments
It is a boundary. Digital trend. Board is responsible for failures. The right board is necessary. Changing culture is via channel the energy to do things differently. Stay connected to the people on the ground. Focus on looking forward. Do not demonise t...
Posted By : Swee908 | 0 comments
Posted By : Dr. Stephanie Carter | 0 comments
GOVERNANCE, RISK, & COMPLIANCE - MANAGERS OF PEOPLE & PROCESSES - I’ve often thought in the last few weeks how meaningful it is to be a manager of people and processes. I’m so grateful. As I look back on my experiences in IT Governance, Risk Management & Co...
Posted By : Sharon211 | 1 comments