Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

Risk Management

Welcome to the Risk Management topic!

Collaborate, contribute, consume and create knowledge around topics such as Risk Management, Risk Governance, Risk Profile, Governance Risk & Compliance (GRC), & CRISC.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
1843 Members
2 Online
18605 Visits

 Recent Discussions

Risk Management and Compliance. Posted by Karithi.
Encription. Posted by ANASTASIA.
Risk Matrix and Levels. Posted by Carl097.

Community Leader

Ayman Galal
Brian Barnier




Title: Senior Manager, Finance Risk Governance

NEW! Participate in Discussions Via Email. 

You can now respond to discussions by simply replying to the email alert. Just enable this feature in discussions on this topic. Learn more

Discussions: 110 total

Must be a Topic member to contribute
View All »
Hi All, I'm new to Risk management and compliance. Someone tip me on what I need to do to cope well in my new role as risk and Compliance manager. I think there are RM gurus here
Karithi | 7/19/2014 10:12:33 AM | COMMENTS(2)
Data transport comes with its own risks and have to be managed. However, some institutions use no encription for their critical data. Should critical data be transported unencripted? Should IT audit assurance professional lead the the campaign for the pro...
ANASTASIA | 7/18/2014 2:15:02 AM | COMMENTS(7)
Have a question regarding the creation of a risk matrix: How do you determine the overall risk rating scale in a risk matrix? I understand that a set of values should be assigned to both impact and probability ratings and that multiplying the two together...
Carl097 | 7/16/2014 2:27:50 PM | COMMENTS(2)
When applying a risk methodology to manage risks throughout a business, would it be common practice to utilise a single methodology for all such as ISO31000 or could other methodologies be used in conjunction, such as ISO27005 which is more centric to inf...
Mark556 | 7/3/2014 4:35:49 AM | COMMENTS(2)
Hello all, read today's ISACA Now Blog Then, share you movie maps here.
Brian Barnier | 7/2/2014 4:48:02 PM | COMMENTS(0)
Hi all, If I remember correctly, in RiskIT, for each standard 'Risk Scenario', it listed the appropriate COBIT 4.1 Controls (Activities) to remediate/mitigate those Risk Scenarios. Is there anything similar for COBIT 5 for Risk - or has anyone done su...
Lucent | 6/17/2014 3:05:13 PM | COMMENTS(1)

Documents & Publications: 97 total

Must be a Topic member to contribute
View All »
Posted by ISACA 115 days ago
Posted by ISACA Yesterday
Posted by ISACA 6 days ago
Posted by ISACA 8 days ago

Events & Online Learning: 12 total

14 Oct 2013
ISACA International Event
Boston, MA, USA
6 Nov 2013
ISACA International Event
Las Vegas, NV, USA
North America ISRM features relevant security and risk management topics presented by leading industry experts and practitioners.
11 Aug 2014
ISACA International Event
Seattle, WA, USA

Journal Articles: 236 total

Volume 4, 2014
by Robert E Stroud, CGEIT, CRISC
Get to know your network.
Volume 4, 2014
by Viktor Polic, Ph.D., CISA, CRISC, CISSP
Information security vendors have recognized the need to optimize the process of managing ethical hacking projects with the goal to reduce their costs.
Volume 3, 2014
by Benjamin Power, CISA, CPA
It is critical that IS audit and control professionals know how to write a good risk statement that is impactful and aligned to better practice.
Volume 3, 2014
by Rosemary M. Amato, CISA, CMA, CPA, CSSGB
Get to know your network.
Volume 3, 2014
by Fatih Altinel, CISA and Yeliz Kilinc
Before 1999, the regulation and supervision of the banking system in Turkey had a fragmented structure in which the Undersecretariat of Treasury and the Central Bank of the Republic of Turkey were the main actors.
Volume 2, 2014
by Ketan Dholakia, CISM, CRISC, CISSP
Get to know your network.

Wikis: 2 total

Blog Posts: 98 total

19 Jun 2014
Posted By : masarker | 2 comments
There is an organizational mandate to log some risks in the project plan. When that status review is called for, you are asked about that pesky risk tracker. You have an excel sheet which lists some risks because you are supposed to do so. Most of the tim...
Posted By : Balamukund Sripathi | 0 comments
As an IT-security specialist i read a lot of standards, guides, frameworks and drafts on all matters of information security. When the EU Data Protection Regulation draft was first published in January 2012, i was eager to see what visions the EU h...
Posted By : Gaffri | 0 comments
In business the information security is the most important factor of operations stability. Prevents data loss , ensures companies data classified or not , to remain intact. Security Officers should establish company policies , procedures etc.. in orde...
Posted By : Constantinos297 | 0 comments
22 Mar 2014
SGSI Risk Management in LATAM-Argentina
Posted By : GMB_Gustavo Blanco | 0 comments
21 Mar 2014
You are invited to comment on my post in ISACA Now which can be accessed using the following link: Title: From games to government, babies to business--the role of strategyLink: Shahi...
Posted By : SA | 0 comments