IT Governance, Risk, and Compliance

Feb 1 2011   9:04PM GMT

Governing IT: Setting Control Objectives – Part VI

Robert Davis Robert Davis Profile: Robert Davis

Reflective of ensuring effective IT control objectives, undertaking IT risk management provides the framework that enables future activity to take place in a consistent and controlled manner. As a particular, prioritization enables appropriate resource allocation to prevent, avoid, detect, and/or correct potential risks to the entity’s IT architecture. Once management understands the degree of total risk to information assets, decisions can be made regarding accepting specific risks or conducting tests to verify the sufficiency of detail risk treatment measures. Thereafter, in descending sequential order, the IT risk points exceeding the IT risk tolerance level can be addressed through adoption or revision of the entity’s IT control objectives.

View Part I of the Governing IT: Setting Control Objectives series here

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: