Home > IT Blogs > IT Governance, Risk, and Compliance/

IT Governance, Risk, and Compliance:

Operating Style

12
March 21, 2013  1:02 AM

Risk Management: Is it just another set of business buzzwords? – Part VIII



Posted by: Robert Davis
Administrative Control, Asset Management, Business Continuity, Continuity Management, Crisis Management, Decision Making, Due Care, Due Diligence, Enterprise Governance, Event Management, Incident Management, Information Technology, IT, IT Management, Management Information System, Operating Style, Risk Management, Threat Management

IT policies, directives, standards, procedures, and rules should be deployed based on assessed effectiveness and efficiency in addressing managements risk appetite. Deployed controlling and monitoring activities should reflect management’s strategy for ensuring an adequate IT control system. IT...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

March 16, 2013  3:40 PM

Risk Management: Is it just another set of business buzzwords? – Part VII



Posted by: Robert Davis
Administrative Control, Asset Management, Business Continuity, Continuity Management, Crisis Management, Decision Making, Due Care, Due Diligence, Enterprise Governance, Event Management, Incident Management, Information Technology, IT, IT Management, Management Information System, Operating Style, Risk Management, Threat Management

Management should establish standards as baselines for measuring quantity, weight, extent, value, or quality.  Standards can be considered specific goals or objectives against which performance is compared.  Selection of points where performance will be measured is critical to...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

March 14, 2013  1:10 AM

Risk Management: Is it just another set of business buzzwords? – Part VI



Posted by: Robert Davis
Administrative Control, Asset Management, Business Continuity, Continuity Management, Crisis Management, Decision Making, Due Care, Due Diligence, Enterprise Governance, Event Management, Incident Management, Information Technology, IT, IT Management, Management Information System, Operating Style, Risk Management, Threat Management

Controlling and monitoring activities attempting to ensure acceptable risk responses include:

  • Policies
  • Directives
  • Standards
  • Procedures
  • Rules
Strategically; policies are definite courses or methods of action...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

March 8, 2013  10:41 PM

Risk Management: Is it just another set of business buzzwords? – Part V



Posted by: Robert Davis
Administrative Control, Asset Management, Business Continuity, Continuity Management, Crisis Management, Decision Making, Due Care, Due Diligence, Enterprise Governance, Event Management, Incident Management, Information Technology, IT, IT Management, Management Information System, Operating Style, Risk Management, Threat Management

Usually, IT risk analysis has four primary goals:

  • Identifying assets and their associated values
  • Identifying vulnerabilities and threats
  • Quantifying the probability and business impact of potential threats
  • Providing an economic balance between threat...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

March 7, 2013  1:54 AM

Risk Management: Is it just another set of business buzzwords? – Part IV



Posted by: Robert Davis
Administrative Control, Asset Management, Business Continuity, Continuity Management, Crisis Management, Decision Making, Due Care, Due Diligence, Enterprise Governance, Event Management, Incident Management, Information Technology, IT, IT Management, Management Information System, Operating Style, Risk Management, Threat Management

The risk management process introduces a systematic approach for identifying, assessing, and reducing risks as well as maintaining defined acceptable risk levels.  An IT risk assessment should be considered a key risk management practice area.  When management institutionalizes an IT governance...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

March 2, 2013  4:38 PM

Risk Management: Is it just another set of business buzzwords? – Part III



Posted by: Robert Davis
Administrative Control, Asset Management, Business Continuity, Continuity Management, Crisis Management, Decision Making, Due Care, Due Diligence, Enterprise Governance, Event Management, Incident Management, Information Technology, IT, IT Management, Management Information System, Operating Style, Risk Management, Threat Management

Similar to business risk management, IT risk management is a continuous process that should be interlaced into the fabric of an entity.  IT risks directly impact an entity’s ability to provide goods and/or services at an acceptable price.  Inherently, computer hardware and software as well as...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

February 28, 2013  2:50 AM

Risk Management: Is it just another set of business buzzwords? – Part II



Posted by: Robert Davis
Administrative Control, Asset Management, Business Continuity, Continuity Management, Crisis Management, Decision Making, Due Care, Due Diligence, Enterprise Governance, Event Management, Incident Management, Information Technology, IT, IT Management, Management System, Operating Style, Risk Management, Threat Management

An entity’s business risk management framework should be a strategic axial enabled to accept diverse strategy spokes. Proactively, business risk management should represent the process whereby an entity methodically addresses risks attached to activities with the objective of achieving sustained...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

February 23, 2013  6:44 PM

Risk Management: Is it just another set of business buzzwords? – Part I



Posted by: Robert Davis
Administrative Control, Asset Management, Business Continuity, Continuity Management, Crisis Management, Decision Making, Due Care, Due Diligence, Enterprise Governance, Event Management, Incident Management, Information Technology, IT, IT Management, Management System, Operating Style, Risk Management, Threat Management

Risk management is not an issue any ‘going concern’ should consider a platitude used to demonstrate effective leadership.  Those responsible for governance...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

February 21, 2013  4:11 AM

Wikipedia: An assessment from a user’s perspective – Part VI



Posted by: Robert Davis
Adaptive Systems, Assurance Services, Attestation, Control Evaluation, Control System, Due Care, Educational Institutions, Internal Control System, Logical Security, Non-profit, Open Source, Operating Style, Quality Assurance Program, Security Risks, Trust Management

Based on my careful analysis of the factors associated with information reliability, there is a medium-to-high inherent risk of a researcher conveying unreliable information through citing Wikipedia material due to...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

February 17, 2013  12:02 AM

Wikipedia: An assessment from a user’s perspective – Part V



Posted by: Robert Davis
Adaptive Systems, Assurance Services, Attestation, Control Evaluation, Control System, Due Care, Educational Institutions, Internal Control System, Logical Security, Non-profit, Open Source, Operating Style, Quality Assurance Program, Security Risks, Trust Management

To provide an appropriate answer to this foundational question regarding Wikipedia an assessor must take into consideration the primary traits of reliability. Therefore, as previously stated in Wikipedia: An assessment from a user's perspective - part 1 as well as documented in

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

12