IT Governance, Risk, and Compliance

Apr 26 2010   5:51PM GMT

Achieving Not-for-profit Organizational Objectives through IT Governance Deployment – Part VI

Robert Davis Robert Davis Profile: Robert Davis

Governing an entity mandates management accurately conceptualize information criticality and communication paths. Reflective of the Australian/New Zealand Standard on Risk Management (AS/NZS ISO 31000:2009), risk management is an iterative process consisting of steps, which when taken in sequence, enable continual improvement in decision-making. It is also the logical and systematic method of identifying, analyzing, evaluating, treating, monitoring and conveying risks associated with any system, process, activity, or task in a way that will enable an entity to minimize losses and maximize opportunities. Consequently, management of risk represents the means by which an entity elects to administrate cataloged possibilities. As alternative responses, risks may be addressed by reducing, avoiding, transferring, or accepting potential threats. Specific to not-for-profit entities, these risks typically encompass: objective achievement, organizational credibility, equitable provision of services, and appropriate behavior of officials.

View Part I of the Achieving Not-for-profit Organizational Objectives through IT Governance Deployment series here

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: