Posted by: Robert Davis
Control Objectives for Information and related Technology, E-Governance, E-Government, Educational Institutions, Enterprise Governance, Entity Governance, Government Agencies, Information and Communication Technology, Information Systems Audit and Control Association, IT Governance Institute, IT Infrastructure Library, IT Service Management, Non-profit, Not-for-profit, Organizational Formation, Risk Assessment, Risk Management, Service Delivery, Value Delivery
IT governance risk management defines not-for-profit strategic alignment, value delivery, resource management, and performance measurement processes through responses to IT risk assessments. Within this context, as with for-profit entities, the IT risk assessment methodology will vary depending on the adopted risk management framework. Nevertheless, IT risk assessment techniques focus on mechanisms for identifying events that may impact objectives, potential consequences of considered events and corresponding likelihood of contemplated occurrences. Regarding not-for-profit IT service delivery, the outcome of an IT governance risk assessment is a prioritized list of possible events that can form the basis for further actions, if warranted, to ensure appropriate controls are deployed.