What We Do
- Orbus TV
- Sign In
Developing an IT Risk Management Program
About this Resource
IT Risk Management is an important capability for any organization that relies on information technology. IT-related risks can be defined and the business risks associated with the adoption and use of IT.
The use of IT to support many core functions in business today has led to an increase in cyber-crime. This has resulted in an increased focus on properly securing businesses information and technology resources, and identifying and controlling security risks timeously. As such, the identification, management and control of IT-related risks requires a formal risk management program.
In order to define, implement and manage an effective risk management program, the following activities and outcomes should be in place:
• Identification and understanding of IT related risk;
• Developing and implementing risk management processes;
• Defining a risk model and using various tools and techniques for risk management
o Including the implementation of principles and policies for risk mitigation and controls;
• Developing a risk assessment approach o Making use of risk management tools and techniques.
In this paper we will discuss these activities in more detail, and identify the key outcomes of a well-defined IT-related risk management program.
Login to continue reading or register now to download the ebook.
Already a Member? Sign in here
Microsoft®, Visio® and Office® are all registered trademarks of Microsoft Corporation. The Open Group®, ArchiMate®, TOGAF® are registered trademarks of The Open Group. IT4IT™ is a trademark of The Open Group. ITIL® and PRINCE® are registered trademarks of AXELOS Limited. The Swirl Logo™ is a trade mark of AXELOS Limited. Copyright © AXELOS Limited 2016 All rights reserved. Material is reproduced under license from AXELOS. COBIT® is a registered trademark of ISACA and the IT Governance Institute, and material is reproduced under license from ISACA.