Volume 1, 2017

This Week's Online-Exclusive Feature

Evolving Cyberrisk Practices to Meet Board-level Reporting Needs
18 January 2017
Jack Jones, CISA, CRISC, CISM, CISSP

Imagine being an executive sitting on the board of directors for an organization. Of the following two risk report statements, which one would likely be more meaningful and useful?

  1. The current deficiency in control X represents a high level of risk. By spending US $400,000 to implement technology Y, the organization will bring control levels into alignment with best practice and reduce the potential for significant loss.
  2. The current deficiency in control X represents an annualized loss exposure of US $22 million. By spending US $400,000 to implement technology Y, the organization can reduce this exposure to US $4 million. The risk reduction benefit is represented visually in figure 1.

This Week's Featured Blog

Governance and City Development
17 January 2017
Graciela Braga, CGEIT, COBIT Foundation, CPA

Most of us live in cities. We are always busy, so we only see the impact and benefit of IT when it is not there, e.g., during failures, service unavailability, loss of physical devices, natural disasters and so on.

The definition of “city” has evolved, and IT has been an enabler for that evolution, transforming cities to become smart or smart sustainable. All types of disruptive or cognitive technology used in this transformation have benefits and risk, but if they are well governed, the probability of value delivery increases.


What's New for Nonmembers

IS Audit Basics Articles

Preparing for Auditing New Risk, Part 1

The Soft Skills Challenge, Part 6

The Soft Skills Challenge, Part 5

The Soft Skills Challenge, Part 4

Elements of an IS/IT Audit Strategy, Part 2

Elements of an IS/IT Audit Strategy, Part 1

Full Journal Issues

Volume 1, 2016 Transforming the Auditor

Volume 6, 2015 The Internet of Things

Volume 5, 2015 Cybersecurity

Volume 4, 2015 Regulations & Compliance

Volume 3, 2015 Governance and Management of Enterprise IT (GEIT)

Volume 2, 2015 Opportunities and Challenges of New Technology