Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

Risk Management

Welcome to the Risk Management topic!

Collaborate, contribute, consume and create knowledge around topics such as Risk Management, Risk Governance, Risk Profile, Governance Risk & Compliance (GRC), & CRISC.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
2598 Members
4 Online
24222 Visits

Community Leader

Brian Barnier

Brian Barnier

Badge: Energizer

Mohamed Tawfik

Mohamed Tawfik

Title: Financial Controller Sector - General Manager

Points: 285

Badge: Lively


NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Discussions: 183 total

Must be a Topic member to contribute
View All »
We are about to embark on a project to install a GRC solution.  Are there any existing checklists to help with requirements?  Did you use a consulting team to help you create your requirements and guide you through the process?
AgVball | 3/28/2017 3:06:37 AM | COMMENTS(18)
I read a research work on "The Development of Audit Detection Risk Assessment System: Using the Fuzzy Theory and Audit Risk Model", which I appreciated and I would like to adopt it for a research project, but this time in the field of IT audit. i lock for...
ISMAIL683 | 3/16/2017 7:14:36 PM | COMMENTS(0)
Any insights on this topic? ..... I am trying to build a knowledge base in this area of - (1) Risk Management of AI and CT technologies to be used to support business, (2) use of AI and CT for helping with Risk Management Any thoughts? Thanks in advance. ...
Adwait | 2/26/2017 3:27:38 PM | COMMENTS(4)
Hi RM Community, Good day! I'm looking for a sample list of generic KRI's for IT. I'm currently working on a project to initiate monitoring of KRI's. I was able to do research and obtain understanding of KRI. I have yet to perform an understandi...
Sameer848 | 2/8/2017 7:01:58 AM | COMMENTS(3)
I'm developing a key risk indicator dashboard and am looking for guidance on best practices and reporting formats. Thanks.
Jennifer067 | 2/6/2017 8:06:26 AM | COMMENTS(9)
As noted in another thread, we are starting to look at GRC tools.  Someone from our PMO office mentioned that Atlassian (think - JIRA, Confluence, etc.) has Risk or GRC components for purchase.  I've not found any reviews while searching.  Does anyone act...
AgVball | 1/24/2017 8:38:36 AM | COMMENTS(3)

Documents & Publications: 70 total

Must be a Topic member to contribute
View All »
Posted by ISACA 1122 days ago
Posted by ISACA 415 days ago
Posted by ISACA 520 days ago
Posted by ISACA 530 days ago

Events & Online Learning: 15 total

16 Mar 2015
ISACA International Event
Orlando, FL, USA
21 Sep 2015
ISACA International Event
06010 Mexico City, Panama
La Conferencia Latinoamericana CACS/ISRM
9 Nov 2015
ISACA International Event
Copenhagen, Denmark
Stay on top of the trends and opportunities of the dynamic technology industry at EuroCACS/ISRM —the leading European conference for IT audit, assurance, security and risk professionals.

Journal Articles: 188 total

Volume 6, 2106
by Venkatasubramanian Ramakrishnan, CISM, CRISC, CHFI
Bayesian networks can capture the complex interdependencies among risk factors and can effectively combine data with expert judgment.
Volume 2, 2017
by Vasant Raval, DBA, CISA, ACMA, and Samir Shah, CISA, CA, CFE, CIA, CISSP
The business model of the early 20th century depicted a large, integrated company that owned, managed and directly controlled its resources.
Volume 2, 2017
by Mukul Pareek, CISA, ACA, ACMA, PRM
Most security metrics programs are typically based on two assumptions: There is a secure way to manage any system, and the task of security management is to maintain that state.
Volume 2, 2017
by Robert E. (Bob) Kress and Dave M. Hildebrand, CPA, CFE
This article studies the business impact of analytics on internal audit, both in conducting risk assessments and in the planning, scoping and execution of audits.
Volume 2, 2017
by Jo Anna Bennerson, CISA, CGEIT, CPA, ITILv3, PMP
This article discusses approaches to increase an information security professional’s knowledge about the US federal government ATO security authorization process and one’s duties in the narrow US federal government industry.
Volume 2, 2017
by Paul Phillips, CISA, CISM
With the popularity of social media, it is no wonder that many companies have decided to take advantage of this technology. Some have even stated that social media is the most powerful tool for marketing in today’s environment.

Wikis: 2 total

Blog Posts: 121 total

Manejo de TI interno. El tener toda la estructura de TI internamente, sin subcontrataciones, puede dar una acumulación de problemas difíciles de manejar para una sola organización.Asociaciones con contrapartes. Al trabajar en un proyecto conjunto con una...
Posted By : Gladys789 | 0 comments
La razón de que varias páginas y servicios soportados por la nube de Amazon Web Services –entre ellos Netflix y Spotify- presentarán fallas el martes pasado se debió a un error humano, aseguró la compañía. El reporte de Amazon apuntaba que servidores S3 e...
Posted By : Rene372 | 0 comments
La demanda de servicios bancarios a través de Internet, producto del surgimiento de nuevas necesidades en los consumidores atraídos por el auge tecnológico, mantiene a las entidades financieras inmersas en una encrucijada en la cual deben equilibrar el ni...
Posted By : Gerardo Zuñiga | 0 comments
Dear All I am working on Information security risk assessment framework which helps to reduce the subjectivity in the risk assessment process. (Subjective risk assessment is the one which is based on the risk parameters having values 1 to 5 or 1 to 3. and...
Posted By : Muhammad Irfan Bashir | 0 comments
Today, all of us need to protect the personal information... so, I share these useful tips. Here are eight tips to help you protect the privacy of your personal information:1. Implement a personal-information "need-to-know basis" policyMany businesses ask...
Posted By : Rene372 | 0 comments
Cyber Security Program the way I have often observed in various organization over the years, is lead with piecemeal approach. There is no holistic view or review of the same and the Cyber Security team, often to be counted on fingers, is left to fend the...
Posted By : Mayank | 0 comments