Risk Management

Welcome to the Risk Management topic!

Collaborate, contribute, consume and create knowledge around topics such as Risk Management, Risk Governance, Risk Profile, Governance Risk & Compliance (GRC), & CRISC.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
2234 Members
7 Online
21422 Visits

Community Leader

Brian Barnier

Badge: Energizer

Mohamed Tawfik

Title: Senior IT Audit Manager

Points: 275

Badge: Lively


Discussions: 154 total

Many companies vet the vendors before they bring them onboard to understand the value as well as the risks they will bring with them. This also allows companies to avoid any potential risk related issues that could cause disturbance to operations. But thi...
Devashish041 | 11/29/2015 3:57:04 AM | COMMENTS(8)
Looking for some online brainstorming here on how to inject energy across an organization around risk management. The oil & gas industry has been going through a lot of flux, and we need to be more vigilant as a result, but with the many layoffs across th...
Hannah656 | 11/16/2015 4:20:49 PM | COMMENTS(2)
Managing the security of a small organization does not mean that we can overlook certain sophisticated threats; but, most commonly, the systems we have to deal with will be less complex, less numerous, and perhaps...
beacandano | 11/10/2015 11:26:25 AM | COMMENTS(0)
A reading reference for starting to identify risk scenarios (in this case, IT risk scenarios) is COBIT; in particular, COBIT 5: Risk Management. This manual gives us some advice on, among other things, how many scenarios are enough ...
beacandano | 11/10/2015 11:25:12 AM | COMMENTS(0)
The rising trend is to carry out risk assessments. All the ISO high-level structure (HLS) standards are establishing this, using the new ISO 31000 as the framework. It began with ISO 22301 (Continuity) and ISO 27001 (Information Security...
beacandano | 11/10/2015 11:20:38 AM | COMMENTS(0)
Hi all, This is more of a generic risk question and experience rather than COBIT Risk approach specific. I recently took on a risk assessment (and implementing a risk management process) role. The client wanted a risk assessment against key information as...
Lucent | 10/23/2015 12:15:09 PM | COMMENTS(7)

Documents & Publications: 112 total


Events & Online Learning: 17 total

14 Oct 2013
ISACA International Event
Boston, MA, USA
6 Nov 2013
ISACA International Event
Las Vegas, NV, USA
North America ISRM features relevant security and risk management topics presented by leading industry experts and practitioners.
11 Aug 2014
ISACA International Event
Seattle, WA, USA

Journal Articles: 277 total

Volume 6, 2015
by Vasant Raval, DBA, CISA, ACMA
The word “transparency” originated in the field of engineering. It has to do with the physical property that allows the transmission of light through a material, such as glass or plastic.
Volume 6, 2015
by Angelique Schouten
Cloud technology helps SMEs run and coordinate large external workforces, support operational management, and enable the building of new developments to ensure that they stay up to speed and futureproof within their markets.
Volume 6, 2015
by Wanbil W. Lee, DBA
Of all the human inventions since the dawn of civilization, the computer is the only one that extends our intellectual power.
Volume 6, 2015
by Norman Fenton and Martin Neil | Reviewed by Andrew Richardson, CISA, CISM, CRISC, MBCS, MCMI
For those looking to begin working with Bayesian networks, this book serves as an excellent starting point and provides guidance for readers on how to develop and run a Bayesian network model for risk assessment and decision making.
Volume 6, 2015
by Mette Brottmann, Klaus Agnoletti, Morten Als Pedersen, Ronnie Lykke Madsen, Michael Rosendal Krumbak and Thor Ahrends, CISA, CISM, CRISC
Most IT professionals know the theory and importance of addressing and mitigating risk. Daily resource limitations and task prioritisation, however, do not always allow for best practice approaches to be taken.
Volume 5, 2015
by Steven J. Ross, CISA, CISSP, MBCP
If you think of cyberattacks as war, which it is in both the figurative and literal senses, make yourself ready to win it.

Wikis: 2 total

Blog Posts: 88 total

Information Security Managers (ISMs) are tasked with providing security oversight in defending organisations' data, systems and building Infrastructures it depends on for making profit, against threats, risks and vulnerabilities such as cyber attacks from th...
Posted By : Prince143 | 0 comments
I am currently recruiting for a Senior IT Auditor - Financial Services, to join the team in Paddington. If you’re a CISA qualified Auditor and keen to travel internationally, please click on the link below. NO AGENCIES
Posted By : Stephen913 | 0 comments
Many a time we encounter situations where we find that certain Information Security Policy requirements and considerations are not in line with the Global Security Best Practices and they actually are not in line with the Global Standards to that effect....
Posted By : Mayank | 0 comments
It is interesting to note that the Government of India's Department of Engineering and Information Technology has issued the National Encryption Policy for public comment. And today the first addendum for the same has been issued for the people to refer to. ...
Posted By : Mayank | 0 comments
Information Security and IT operations generally do not go hand in hand or I rather make a not so controversial statement that IT Operations Folks generally don't like Information Security Folks for they see the Information security folks to be the Show S...
Posted By : Mayank | 0 comments
One thing I learned early on in dealing with IT security issues at a small financial institution is that some of the client's vendors and service providers actually resort to lying as a way of dodging performing such tasks as patching servers, paying for ...
Posted By : Guy399 | 0 comments