IT Governance, Risk, and Compliance:

Risk Assessment


April 5, 2011  5:45 PM

Managing the Dynamic Uncertainties of IT – Part VIII



Posted by: Robert Davis
Adaptive Process, Adaptive Systems, COBIT, Control Environment, Dynamic Equilibrium, Illegal Acts, Risk Assessment, Risk Management

Technology is an enabler, not a solution, for deploying and executing a sound operational strategy. To ensure effectiveness, responsibility for executing an adopted strategy should be shared across the entity, making all employees accountable as...

April 1, 2011  6:32 PM

Managing the Dynamic Uncertainties of IT – Part VII



Posted by: Robert Davis
Adaptive Process, Adaptive Systems, COBIT, Control Environment, Dynamic Equilibrium, Illegal Acts, Risk Assessment, Risk Management

An IT risk assessment can classify information assets by criticality, sensitivity, and impact on operations. For most entities, comprehensive IT risk evaluations should be iterative and adaptive processes. Therefore, adequate IT risk management...


March 29, 2011  8:28 PM

Managing the Dynamic Uncertainties of IT – Part VI



Posted by: Robert Davis
Adaptive Process, Adaptive Systems, COBIT, Control Environment, Dynamic Equilibrium, Illegal Acts, Risk Assessment, Risk Management

An adequate IT plan describes predetermined objectives and goals, as well as ambit, with sufficient supporting detail to guide risk assessment development. Correspondingly, IT risk assessment plans should reflect applicable IT standards and practice statements issued by governing bodies. Whereby,...


March 25, 2011  3:32 PM

Managing the Dynamic Uncertainties of IT – Part V



Posted by: Robert Davis
Adaptive Process, Adaptive Systems, COBIT, Control Environment, Dynamic Equilibrium, Illegal Acts, Risk Assessment, Risk Management

The IT program’s ambit generally dictates the risk assessment approach. Regarding techniques, the IT program’s ambit determines ‘what’ will be assessed, ‘how’ it will be assessed and assessment limits. Reflective of the IT planning premise, evaluating...


March 22, 2011  5:36 PM

Managing the Dynamic Uncertainties of IT – Part IV



Posted by: Robert Davis
Adaptive Process, Adaptive Systems, COBIT, Control Environment, Dynamic Equilibrium, Illegal Acts, Risk Assessment, Risk Management

Selecting a discretionary IT risk management framework imposes defining spending limits, work assignments and information decisions for creating and managing a viable strategically aligned IT management plan. ...


March 18, 2011  8:30 PM

Managing the Dynamic Uncertainties of IT – Part III



Posted by: Robert Davis
Adaptive Process, Adaptive Systems, COBIT, Control Environment, Dynamic Equilibrium, Illegal Acts, Risk Assessment, Risk Management

Managerial monitoring of deployed controls focusing on redressing external and internal environment quality assists in ensuring the established fiduciary relationship with stakeholders is fulfilled. An entity’s control environment quality is a major factor impacting irregular...


March 15, 2011  7:16 PM

Managing the Dynamic Uncertainties of IT – Part II



Posted by: Robert Davis
Adaptive Process, Adaptive Systems, COBIT, Control Environment, Dynamic Equilibrium, Risk Assessment, Risk Management

Risk management should be a continuous, adaptive effort addressing threats, opportunities, and vulnerabilities. In pursuit of achieving dynamic homeostasis for IT, effective "


March 11, 2011  3:16 PM

Managing the Dynamic Uncertainties of IT – Part I



Posted by: Robert Davis
Adaptive Systems, Control Environment, Dynamic Equilibrium, Risk Assessment, Risk Management

Most entities operate in an environment that is influenced by perceived stakeholder values; the entity’s mission, vision and values; community and organizational ethics and culture; applicable laws, regulations and policies; as well as industry practices. When interacting with the environment,...


July 27, 2010  3:28 PM

Not-for-profit Risk Management – Part VIII



Posted by: Robert Davis
COBIT, Educational Institutions, Enterprise Governance, Entity Governance, Governance Tree, Government Agencies, ICT, IT Architecture, IT Service Management, ITG, ITSM, Performance Measurement, Risk Assessment, Risk Management, Risk Tolerance, Strategic Planning, Value Delivery

Deploying Enterprise Governance bilaterally connected to IT Governance enables management to focus on value creation drivers that move an entity forward and sustain proper as well as adequate controls. ...


July 23, 2010  6:25 PM

Not-for-profit Risk Management – Part VII



Posted by: Robert Davis
COBIT, Educational Institutions, Enterprise Governance, Entity Governance, Governance Tree, Government Agencies, ICT, IT Architecture, IT Service Management, ITG, ITSM, Performance Measurement, Risk Assessment, Risk Management, Risk Tolerance, Strategic Planning, Value Delivery

Utilizing a maturity model can aid management in identifying risk issues. Procedurally, a maturity model provides a standard means to document and evaluate the state of controls. Collectively, the entity’s not-for-profit managers can contribute to...

