IT Governance, Risk, and Compliance

Jul 23 2010   6:25PM GMT

Not-for-profit Risk Management – Part VII



Posted by: Robert Davis
Tags:
COBIT
Educational Institutions
Enterprise Governance
Entity Governance
Governance Tree
Government Agencies
ICT
IT Architecture
IT Service Management
ITG
ITSM
Performance Measurement
Risk Assessment
Risk Management
Risk Tolerance
Strategic Planning
Value Delivery

Utilizing a maturity model can aid management in identifying risk issues. Procedurally, a maturity model provides a standard means to document and evaluate the state of controls. Collectively, the entity’s not-for-profit managers can contribute to identifying risk issues as well as rate controls — such as policies, procedures, standards, and rules. As for managing risks, it usually is prohibitively expensive to reduce risks to a tolerable level for all potential control weaknesses or deficiencies simultaneously. Therefore, a risk grading system should exist to assist in the evaluation and prioritization of control deployments consistent with the entity’s risk tolerance levels.

View Part I of the Not-for-profit Risk Management series here

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: