IT Governance, Risk, and Compliance

Jul 9 2010   5:28PM GMT

Not-for-profit Risk Management – Part III

Robert Davis Robert Davis Profile: Robert Davis

To adequately govern not-for-profit IT, risk management must be addressed at multiple levels; including entity, project, and service layers. Those responsible for governance must understand the ubiquitous nature of technical and operational risks that each approved project presents and progressively meld initial assessments into an entity-wide, portfolio-focused and strategically driven comprehensive risk assessment. An entities managerial philosophy and operating style can be assessed by examining the nature of IT risks management accepts, the frequency of managements’ interaction with IT subordinates, and managements’ attitude toward monitoring IT processes; leading to designing and deploying specific compensating, mitigating, and/or enhancing activities.

View Part I of the Not-for-profit Risk Management series here

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: