IT Governance, Risk, and Compliance

Jul 23 2010   6:25PM GMT

Not-for-profit Risk Management – Part VII

Robert Davis Robert Davis Profile: Robert Davis

Utilizing a maturity model can aid management in identifying risk issues. Procedurally, a maturity model provides a standard means to document and evaluate the state of controls. Collectively, the entity’s not-for-profit managers can contribute to identifying risk issues as well as rate controls — such as policies, procedures, standards, and rules. As for managing risks, it usually is prohibitively expensive to reduce risks to a tolerable level for all potential control weaknesses or deficiencies simultaneously. Therefore, a risk grading system should exist to assist in the evaluation and prioritization of control deployments consistent with the entity’s risk tolerance levels.

View Part I of the Not-for-profit Risk Management series here

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: