IT Governance, Risk, and Compliance

Jul 20 2010   5:10PM GMT

Not-for-profit Risk Management – Part VI

Robert Davis Robert Davis Profile: Robert Davis

An IT risk assessment consists of risk identification and risk analysis. For not-for-profit entities, risk identification includes examining external factors such as technological developments and economic changes; while considering internal factors such as personnel quality, the nature of the entity’s activities, and the characteristics of information processing. Wherefore, risk analysis involves estimating the significance of risks, assessing the likelihood of risks occurring, and considering how to manage the risks. To this end, documenting overall and detail control perimeters aids in assessing risk analysis process datum and decisions.

View Part I of the Not-for-profit Risk Management series here

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: