Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

 

NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Subscribe to all discussions

Recent Discussions

How can we be innovative with risk management? How would concepts like the internet of things and AI be utilized to mange risks

Managing risk continues to pose a great challenge, the idea is to utilize innovation concepts such ...

Muhammad Odeh @ 8/5/2018 6:25 AM | Comments (3)

IT Risk Management

Hi all,Would like to find out what are the frameworks or standards are your organization aligning t...

KarenY @ 5/11/2018 12:10 PM | Comments (13)

Risk analysis - how much constitutes "paralysis"?

There are any number of ways to analyse a risk, some involving very detailed quantitative technique...

Linda716 @ 1/30/2018 5:35 AM | Comments (3)

ATM anti skimming devices

Does the ATM antiskimming devices are operational risk or information security ?

Tarek EL-Sherif @ 12/18/2017 4:23 AM | Comments (3)

Bitcoin - bubble or not

Is bitcoin a bubble or something to stay for long time? If bitcoin is bubble, when it will burst? H...

Dragan Pleskonjic @ 12/10/2017 9:51 AM | Comments (0)

Risk mgmt agenda examples

Hi members,I institutionalized a Risk Mgmt Comittee in my organization. The comittee is made up of ...

danic1979 @ 12/4/2017 7:37 PM | Comments (2)

Risk in work unit business plans

Work units within organisations commit to annual business plans. Risk assessment is the foundation ...

Roger Lines @ 8/7/2017 6:25 PM | Comments (0)

Operational risk -- what your boss is hearing

Hello all, ISACA's content, such as Risk IT and COBIT are created primarily for you. Yet, wouldn't ...

Brian Barnier @ 8/3/2017 9:58 PM | Comments (3)

SPF records

Do you think it would be ok for your DNS manager to take 5 minutes and add an SPF record so your em...

scheidell @ 5/19/2017 3:30 PM | Comments (1)

Using Service Now for Risk/Compliance Program Mgt

I also posted this question in Service Management but have not heard anything yet.My team runs Risk...

AgVball @ 5/17/2017 3:00 PM | Comments (4)

Exploring fuzzy theory in IT audit risk assessment

I read a research work on "The Development of Audit Detection Risk Assessment System: Usingthe...

ISMAIL683 @ 3/16/2017 7:14 PM | Comments (0)

Risk Management with Artificial Intelligence / Cognitive Technology

Any insights on this topic? ..... I am trying to build a knowledge base in this area of - (1) Risk ...

Adwait @ 2/23/2017 2:40 PM | Comments (4)

Sample of a generic Key Risk Indicator for IT

Hi RM Community, Good day! I'm looking for a sample list of generic KRI's for IT. I'm currently wor...

Sameer848 @ 2/6/2017 9:19 AM | Comments (6)

Spearking of GRC tools - Anyone use Atlassian modules?

As noted in another thread, we are starting to look at GRC tools.  Someone from our PMO office ment...

AgVball @ 1/24/2017 12:05 AM | Comments (3)

Implementing a GRC tool ...

We are about to embark on a project to install a GRC solution.  Are there any existing checklists t...

AgVball @ 1/10/2017 12:27 AM | Comments (26)

RE: How can we be innovative with risk management? How would concepts like the internet of things and AI be utilized to mange risks

Hello Ricardo,thank you, you add a variety of good points, especially scenario analysis, PCA, and m...

Brian Barnier @ 8/6/2018 2:03 PM

RE: How can we be innovative with risk management? How would concepts like the internet of things and AI be utilized to mange risks

As an IT Auditor, in Internal Audit, the use of pattern mining and predictive analytics is not wide...

Ricardo443 @ 8/5/2018 9:56 PM

RE: How can we be innovative with risk management? How would concepts like the internet of things and AI be utilized to mange risks

Hi, great that you want to be innovative. There are two relatively simple ways. * First, back to th...

Brian Barnier @ 8/5/2018 7:48 PM

RE: IT Risk Management

@Brian, fully agree with these comments in general. I have training in insurance, audit, financial ...

Ricardo443 @ 6/29/2018 5:04 PM

RE: IT Risk Management

Hello all, Donna's comment and a talk I gave this week remind me of a key point: IF you start with ...

Brian Barnier @ 6/29/2018 3:14 PM

RE: IT Risk Management

Not easy to achieve the necessary combination of breadth and depth.  It seems the "mashing&quo...

Donna Harrigan @ 6/28/2018 4:04 PM

RE: IT Risk Management

The challenge is the request for something that can be used by any organization. I think what you p...

mhershaft @ 5/17/2018 12:56 PM

RE: IT Risk Management

Hi all, Many thanks and appreciate that you all help in formulating and giving context to managing ...

KarenY @ 5/16/2018 12:07 PM

RE: IT Risk Management

Hello, Remember that COBIT Risk and Risk IT (and bit more so) are designed explicitly to link to ER...

Brian Barnier @ 5/15/2018 3:39 PM

RE: IT Risk Management

Hi all,Yor conributions are insightful. It urged me to serach out and review some documents that I ...

Ricardo443 @ 5/15/2018 8:06 AM

RE: IT Risk Management

Hi Karen,Several frameworks are available for Risk Practitioners. Which framework will you use that...

Shamsuzzaman @ 5/14/2018 11:57 PM

RE: IT Risk Management

Hi Karen,I've found COBIT to be useful. It helps that they have a Risk specific enabler. I've also ...

KarenY @ 5/14/2018 12:30 PM

RE: IT Risk Management

Hi Karen,I've found COBIT to be useful. It helps that they have a Risk specific enabler. I've also ...

demetri.gittens @ 5/14/2018 8:55 AM

RE: IT Risk Management

Dave56 @ 5/14/2018 7:48 AM

Implementing a GRC tool ...

We are about to embark on a project to install a GRC solution.  Are there any existing checklists t...

AgVball @ 1/10/2017 12:27 AM | Comments (26)

Risk Acceptance

HelloWhen doing an assessment for a new solution or system, and you identify critical, high, med, a...

Elsayed @ 9/8/2015 4:52 AM | Comments (17)

Threats and vulnerabilities

According to one of the answers on a CRISC practice question, vulnerabilities can be reduced but ne...

Hannah656 @ 12/7/2014 7:24 AM | Comments (16)

CRISC Certification

Hello Everyone, I have enrolled myself for CRISC certification in December. In order to prepare mys...

Rohit131 @ 8/31/2014 12:04 AM | Comments (15)

IT Risk Management

Hi all,Would like to find out what are the frameworks or standards are your organization aligning t...

KarenY @ 5/11/2018 12:10 PM | Comments (13)

Vendor Risk Management

My company is looking to expand our Vendor Risk Management program and in order to build a business...

Tera075 @ 1/26/2015 11:41 AM | Comments (13)

IT Audit Strategy

Need some guidance here. I've been tasked with getting started on performing some IT Audits of our ...

Carl097 @ 11/5/2014 3:46 PM | Comments (12)

risk management frameworks

Please can people tell me which risk management frameworks and TOOLS do they use?I.e. NIST, COBIT e...

JayMIET927 @ 8/31/2016 3:17 PM | Comments (12)

Risk Management:setting risk appetite

How do you set the level at which the risk score will not be acceptable to management if higher tha...

Michael043 @ 3/30/2011 8:04 AM | Comments (12)

IT Risk and IT Operational Risk

Hello , Can anyone please tell me what is exact difference between IT risk and IT Operational Risk ...

Kapil Dixit @ 10/11/2012 4:22 AM | Comments (11)

How to align between IT Audit, IT Assurance and Information Security(Infosec)

Hello, all. I would really like to get/have your expert view on this title. Lets say in an organisa...

Taty @ 9/11/2012 1:41 AM | Comments (11)

Does Risk Management lead to Corporate Value?

Dear Colleague, I am surveying all professionals who use risk management techniques for a significa...

Ricardo443 @ 8/3/2015 2:46 PM | Comments (10)

risk assessment

risk assessment

Robeiiiiiiii @ 12/16/2010 2:41 PM | Comments (10)

Risk impact and absence of controls

During a recent risk assessment we had a topic arise regarding the consideration of impact in risk....

Gregory461 @ 6/7/2015 8:42 PM | Comments (10)

Vendor Risk Management

Many companies vet the vendors before they bring them onboard to understand the value as well as th...

Devashish041 @ 10/23/2015 4:20 PM | Comments (10)