Risk professionals face major challenges in keeping pace with the constantly changing digital ecosystem, accelerated by increased enterprise adoption of artificial intelligence and other emerging technologies.
Below are 10 top ISACA resources that can help IT risk professionals stay up to date and be prepared for ongoing shifts in the risk landscape:
Risk IT Framework, 2nd Edition
The Risk IT Framework offers guidelines and practices that optimize risk, opportunity, security and business value, helping practitioners build consensus regarding IT risk decisions at all enterprise levels.
IT Risk Starter Kit
This starter kit helps users develop an IT risk program at their organization. With the kit’s detailed templates and guides, practitioners will be able to establish a consistent and integrated approach to risk management, formalize a governance structure for risk oversight and develop an escalation process for capturing and reporting risks.
Applying Risk Appetite and Risk Tolerance in the Age of AI
In this @ISACA newsletter article, risk expert Mary Carmichael shares the differences between risk appetite and risk tolerance, specifically around the adoption of AI.
Risk IT Practitioner Guide, 2nd Edition
With a variety of helpful how-to information for implementing risk techniques into practitioners’ daily jobs, the Risk IT Practitioner Guide connects the business context with specific I&T assets, increases the focus on using a common risk language and shifts the focus to activities over which the enterprise has significant control. This resource gives practical guidance on how to accomplish the activities described in the Risk IT Framework.
Risk Scenarios Toolkit
The use of risk scenarios can enhance risk management efforts by helping the risk team understand and explain risk to business process owners and other stakeholders. This toolkit includes 87 risk scenarios and a detailed guide to help navigate through a risk scenario.
Eight Overlooked Emerging Tech Risks and How to Mitigate Them
This @ISACA newsletter article explores often-overlooked risks associated with emerging technology and effective strategies to mitigate them.
IT Risk Fundamentals Certificate
The IT Risk Fundamentals Certificate helps professionals at the beginning of their risk career gain the requisite knowledge to be able to better communicate with enterprise risk or IT risk professionals. The certificate covers six topic areas: introduction to risk, risk assessment and analysis, risk identification, risk governance and management, risk response, and risk monitoring, reporting and communication.
COBIT Focus Area: Information and Technology Risk Using COBIT 2019
This resource provides guidance on how to apply COBIT to IT risk practices. Based on the COBIT core guidance for governance and management objectives, this publication highlights risk-specific practices and activities, and provides risk-specific metrics.
Proven Strategies to Supercharge Your Cyber Risk Strategy
In this ISACA Now blog post, author Maman Ibrahim outlines an exclusive and thorough roadmap for building a risk operations center – a strategic, always-on command center for cyber risk.
Certified in Risk and Information Systems Control (CRISC) Certification
ISACA’s globally respected Certified in Risk and Information Systems Control (CRISC) certification helps practitioners learn how to enhance the organization’s business resilience and optimize risk management across the enterprise. The CRISC exam has been updated as of this month to reflect the latest developments on the risk landscape.
For more risk resources from ISACA, visit www.isaca.org/it-risk.