IT Governance, Risk, and Compliance:

Risk Management


July 9, 2010  5:28 PM

Not-for-profit Risk Management – Part III



Posted by: Robert Davis
COBIT, Educational Institutions, Enterprise Governance, Entity Governance, Governance Tree, Government Agencies, ICT, IT Architecture, IT Service Management, ITG, ITSM, Performance Measurement, Risk Assessment, Risk Management, Strategic Planning, Value Delivery

To adequately govern not-for-profit IT, risk management must be addressed at multiple levels; including entity, project, and service layers.

July 6, 2010  6:10 PM

Not-for-profit Risk Management – Part II



Posted by: Robert Davis
COBIT, Educational Institutions, Enterprise Governance, Entity Governance, Governance Tree, Government Agencies, ICT, IT Architecture, IT Service Management, ITG, ITSM, Performance Measurement, Risk Assessment, Risk Management, Strategic Planning, Strategic Risk, Strategy, Value Delivery

By definition, strategy is the skill in managing or planning an approach to achieving an end. It is crucial to accomplishing an entity’s long range plans. Strategy is concerned with controlling the entity’s destiny and achieving stated goals; while planning is a formalized procedure to produce...


July 1, 2010  6:00 PM

Not-for-profit Risk Management – Part I



Posted by: Robert Davis
COBIT, Educational Institutions, Enterprise Governance, Entity Governance, Governance Tree, Government Agencies, ICT, IT Architecture, IT Service Management, ITG, ITSM, Performance Measurement, Risk Assessment, Risk Management, Strategic Planning, Value Delivery

Crucial to achieving appropriate not-for-profit performance and conformance equilibrium is consideration of the entity’s strategic mission as well as risk management system. To empower...


May 3, 2010  4:52 PM

Achieving Not-for-profit Organizational Objectives through IT Governance Deployment – Part VIII



Posted by: Robert Davis
Educational Institutions, Enterprise Governance, Entity Governance, Governance Tree, Government Agencies, Information and Communication Technology, IT Service Management, Non-profit, Not-for-profit, Risk Assessment, Risk Management, Value Delivery

Generally, IT governance deployment enables ensuring the entity’s technology assets and the encoded information contained within are: available,...


April 29, 2010  6:17 PM

Achieving Not-for-profit Organizational Objectives through IT Governance Deployment – Part VII



Posted by: Robert Davis
Control Objectives for Information and related Technology, E-Governance, E-Government, Educational Institutions, Enterprise Governance, Entity Governance, Government Agencies, Information and Communication Technology, Information Systems Audit and Control Association, IT Governance Institute, IT Infrastructure Library, IT Service Management, Non-profit, Not-for-profit, Organizational Formation, Risk Assessment, Risk Management, Service Delivery, Value Delivery

IT governance risk management defines not-for-profit strategic alignment, value delivery, resource management, and performance measurement processes through responses to IT risk assessments. Within this context, as with for-profit entities, the IT risk assessment methodology will vary depending on...


April 26, 2010  5:51 PM

Achieving Not-for-profit Organizational Objectives through IT Governance Deployment – Part VI



Posted by: Robert Davis
COBIT, Control Objectives for Information and related Technology, E-Governance, E-Government, Educational Institutions, Enterprise Governance, Entity Governance, Governance Tree, Government Agencies, ICT, Information and Communication Technology, Information Systems Audit and Control Association, ISACA, IT Governance Institute, IT Infrastructure Library, IT Service Management, ITG, ITGI, ITSM, Non-profit, Not-for-profit, Organizational Formation, Risk Assessment, Risk Management, Service Delivery

Governing an entity mandates management accurately conceptualize information criticality and communication paths. Reflective of the Australian/New Zealand Standard on Risk Management (AS/NZS ISO...

Bookmark and Share     0 Comments     RSS Feed     Email a friend


February 8, 2010  7:39 PM

IT Audit Fieldwork: Generally Accepted Processes – Part VIII



Posted by: Robert Davis
AA, Applications, Assurance Services, Audit Assurance, CA, CIA, CICA, CISA, CITP, Compliance Testing, CPA, Evidence, Files, Information Technology, Infrastructure, IT, IT Audit, PM, Programs, Project Management, Risk Assessment, Risk Management, Study, Substantive Testing

When providing audit assurance, auditors commonly have an opportunity to define current risks to resources and subsequently recommend remedial activities to reduce assessed risks to resources. Professionally, three generally accepted audit fieldwork standards guide auditors in the performance...


February 4, 2010  6:50 PM

IT Audit Fieldwork: Generally Accepted Processes – Part VII



Posted by: Robert Davis
AA, Applications, Assurance Service, Audit Assurance, CA, CIA, CICA, CISA, CITP, Compliance Testing, CPA, Evidence, Files, Information Technology, Infrastructure, IT, IT Audit, PM, Programs, Project Management, Risk Management, Substantive Testing

Compliance and substantive testing to collect sufficient evidential matter to render an opinion on the audit area follows the


February 2, 2010  5:56 PM

IT Audit Fieldwork: Generally Accepted Processes – Part VI



Posted by: Robert Davis
AA, Application Controls, Audit, Audit Assurance, CA, CIA, CICA, CISA, CITP, CPA, Files, General Controls, Information Technology, Infrastructure, IT, IT Audit, PM, Program, Project Management, Review, Risk Management, Study, Test

IT processing of datum has effects on controls and audit trails. IT can induce numerous changes in processing cycles. As a result of these changes, the IT auditor must evaluate the effects on the basic characteristics of control. The IT auditor...


January 28, 2010  4:56 PM

IT Audit Fieldwork: Generally Accepted Processes – Part V



Posted by: Robert Davis
AA, Applications, Assurance Service, Audit Assurance, CA, CIA, CICA, CISA, CITP, Compliance Testing, CPA, Files, GRC, Information Technology, Infrastructure, IT, IT Audit, PM, Procedures, Program, Project Management, Risk Management, Study, Substantive Testing

Concepts and procedures involved in the auditor’s study and evaluation of controls for manual systems are also applicable when processing is performed by IT. Commonly, a primary objective of the...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: