What is the best way to implement a risk assessment in an IT department that will align COBIT controls with risks?

Tags: COBIT, Compliance, IT Compliance, regulatory compliance, Risk assessment, Risk management
A compliance officer in Europe could use some advice from fellow IT professionals and executives. His IT budget is being scrutinized, as is the case in every organization in 2009; he needs targets to get things done more efficiently but without taking on more risk. His department is evaluating benchmarking IT application controls as a way of testing strategy. He would like to know what you think is the best way to implement a risk assessment in an IT department that will align COBIT controls with risks. What are your recommendations?
ASKED: February 16, 2009  6:04 PM
UPDATED: March 23, 2009  5:27 PM

Answer Wiki

This can be a rather detailed/complicated subject depending on specific business needs. The key is to align COBIT (or whatever) with other widely-accepted standards/frameworks such as ISO/IEC 27002 and perform an assessment at that level. This has been documented by the IT Governance Institute here: http://www.itgi.org/Template_ITGI.cfm?Section=Recent_Publications&Template=/ContentManagement/ContentDisplay.cfm&ContentID=45948 and elsewhere on their site at www.itgi.org
