IT Governance, Risk, and Compliance

Jul 20 2010   5:10PM GMT

Not-for-profit Risk Management – Part VI

Robert Davis Robert Davis Profile: Robert Davis

An IT risk assessment consists of risk identification and risk analysis. For not-for-profit entities, risk identification includes examining external factors such as technological developments and economic changes; while considering internal factors such as personnel quality, the nature of the entity’s activities, and the characteristics of information processing. Wherefore, risk analysis involves estimating the significance of risks, assessing the likelihood of risks occurring, and considering how to manage the risks. To this end, documenting overall and detail control perimeters aids in assessing risk analysis process datum and decisions.

View Part I of the Not-for-profit Risk Management series here

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: