Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

Risk Management

Welcome to the Risk Management topic!

Collaborate, contribute, consume and create knowledge around topics such as Risk Management, Risk Governance, Risk Profile, Governance Risk & Compliance (GRC), & CRISC.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
2134 Members
0 Online
20806 Visits

Community Leader

Brian Barnier

Brian Barnier

Badge: Observer

Mohamed Tawfik

Mohamed Tawfik

Title: Senior IT Audit Manager

Points: 264

Badge: Lively


NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Discussions: 146 total

Must be a Topic member to contribute
View All »
Greetings people, I am new to Isaca, and I have just done the CISA exam. I would like to ask you to point me to the right howtos/checklists/methods to evaulate the IT Security Managament of an Enterprise. To do some of the following: risk managemen...
Zeljko317 | 6/30/2015 3:55:58 AM | COMMENTS(5)
During a recent risk assessment we had a topic arise regarding the consideration of impact in risk. Generally speaking, most people in the meeting felt impact should be considered as an absence of all controls, including existing controls in the environme...
Gregory461 | 6/25/2015 1:33:10 PM | COMMENTS(4)
Hope you don't mind me posting in this groupabout this year's ISACA Ireland conference, which is focusing on placingbusiness first. Wewould like this conference to be as successful as last year's, which was trulyinternational with 24 speakers from 12 coun...
Neil_Curran | 6/17/2015 5:43:08 AM | COMMENTS(1)
In studying and refining risk management at individual companies and in public workshops, it turns out that the a valuable quality of a good manager of risk is the "fix it" spirit. In a throw away world, knowing how to find and fix problems in anything --...
Brian Barnier | 5/27/2015 6:23:13 PM | COMMENTS(4)
Hi All, I've been asked by a colleague about information security Threat Taxomonies (or lists) to assist him with the risk identification process. He already has the ISF IRAM2 documentation (Appendix F). Have provided additional references to: NIST S...
Ross Peachey | 5/27/2015 9:41:05 AM | COMMENTS(1)
ISACA members will have the opportunity to vote on approval of the new bylaws beginning 27 April at 9AM CDT (UTC -5 hours) until 6 June at 1AM CDT (UTC -5 hours). Votes can be cast by electronic ballot or by voting in person at the ISACA annual membersh...
Kim091 | 5/4/2015 12:20:11 PM | COMMENTS(4)

Documents & Publications: 105 total

Must be a Topic member to contribute
View All »
Posted by ISACA 488 days ago
This white paper focuses on common challenges associated with project risk management and presents a practical approach to risk management based on International Risk Management Standards.
Posted by Joseph496 26 days ago
Posted by ISACA 33 days ago
Posted by ISACA 38 days ago

Events & Online Learning: 12 total

14 Oct 2013
ISACA International Event
Boston, MA, USA
6 Nov 2013
ISACA International Event
Las Vegas, NV, USA
North America ISRM features relevant security and risk management topics presented by leading industry experts and practitioners.
11 Aug 2014
ISACA International Event
Seattle, WA, USA

Journal Articles: 263 total

Volume 4, 2015
by Christos Dimitriadis, Ph.D., CISA, CISM, CRISC, ISO 20000 LA
Get to know your network.
Volume 4, 2015
by Dipti Patel, CISA, CISM, ISO 27001 LA, ITIL V3
Vendor risk management is the next step to elevate information security from a technical control process to an effective management process.
Volume 3, 2015
by Roberto Puricelli, CISM
In recent years, numerous cases of advanced persistent threats (APTs) and data breaches have been seen, with those involving the largest, most high-profile enterprises garnering the most media attention.
Volume 3, 2015
by Brett van Niekerk, Ph.D., and Pierre Jacobs
According to a survey by Infonetics Research, companies operating their own data centers spent an average of US $17 million on security products in 2013.
Volume 2, 2015
by Nurudeen Odeshina, CISA, CISM, CRISC, ISO 27001 LI, ITSM
The implementation of and certification to global best practice standards can be quite challenging for most organizations given the resources (e.g., manpower, time, finances) required.
Volume 2, 2015
by Rich Karlgaard | Reviewed by Dino Ippoliti, CISA, CISM
The soft edge is composed of five pillars and each of them is analyzed in a dedicated chapter that guides readers to answer crucial questions.

Wikis: 2 total

Blog Posts: 80 total

There are many ways to conduct an audit of the Business Continuity Program (BCP). However, all of them must revolve around 3 key BCP areas, which are: Business Continuity (BC)Disaster Recovery (DR)Crisis Management (CM)These three categories form the basi...
Posted By : Aleksandr754 | 0 comments
17 Jul 2015
I'd like to find out what security tools and techniques are being used to secure big data and extrapolate intelligence from this data about our adversaries and who they are and what they are doing. There are many different tools and strategies to doing t...
Posted By : Carl676 | 0 comments
Organizations are spending significant amount of money on security and still getting compromised. The reason is they are not focused on fixing the highest priority risks to their organization. Before an organization spends an hour of their time or a dolla...
Posted By : yemae01 | 0 comments
Recently, I participated in the First Annual Conference of ICT SECURITY WORLD held on Wednesday, March 4, 2015 at the National Centre for Public Administration and Local Government in Tavros, Athens. The presence of ISACA Athens Chapter was a pleasant sur...
Posted By : Konstantinos741 | 0 comments
29 Mar 2015
As I interview IA professionals I get the feeling that as organizations move toward the adoption of the big-data fueled decision-making paradigm senior decision makers are focusing on the implications of big-data as it pertains to their locust of control....
Posted By : Ben Apple | 0 comments
Data Privacy in today's world has crossed over from a requirement dependent on one agency or organization to be the global phenomenon.  Today the data traverses across the countries as well as continents at the speed unimaginable in past. In a flash of se...
Posted By : Mayank | 0 comments