IT Governance, Risk, and Compliance

Mar 2 2013   4:38PM GMT

Risk Management: Is it just another set of business buzzwords? – Part III

Robert Davis Robert Davis Profile: Robert Davis

Similar to business risk management, IT risk management is a continuous process that should be interlaced into the fabric of an entity.  IT risks directly impact an entity’s ability to provide goods and/or services at an acceptable price.  Inherently, computer hardware and software as well as personnel present potential risks to an entity achieving business objectives.

Through appropriate management, risks can be accepted, reduced, or transferred; however, IT related risk can never be completely eliminated.  Minimally, IT governance risk management should address strategic alignment, value delivery, resource management, and performance measurement.  Depending on the circumstances, entity and IT governance domain characteristics may overlap or have distinctiveness, yet IT controls continuity and stability can be sustained even when governance domain characteristics are mutually inclusive.


Davis, Robert E. (2011). Assuring IT Governance. Available from and

Davis, Robert E. (2006). IT Auditing: IT Governance. Mission Viejo: Pleier. CD-ROM.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: