Posted by: Robert Davis
Adaptive Process, Adaptive Systems, COBIT, Control Environment, Dynamic Equilibrium, Risk Assessment, Risk Management
Risk management should be a continuous, adaptive effort addressing: threats, opportunities, and vulnerabilities. In pursuit of achieving dynamic homeostasis for IT, effective “risk management incorporates a systematic approach for identifying risk and defining the impact on an entity’s ability to provide goods and/or services.” Aligning with the Control Objectives for Information and related Technology (COBIT) IT governance framework, IT risk management should be considered a primary focus area for ensuring appropriate responses to varying conditions. Hierarchically, an entity’s control environment is a major factor affecting deployed IT risk management processes.
“View Part I of the Managing the Dynamic Uncertainties of IT series here“