Recent Changes

Sunday, July 17

  1. page IT Strategy edited ... In other words, a response needs to be defined such that future residual risk (=current risk w…
    ...
    In other words, a response needs to be defined such that future residual risk (=current risk with the risk response defined and implemented) is as much as possible (usually depending on budgets available) within risk tolerance limits.
    {risk_response.jpg} Figure showing Risk Response
    Risk IT Benefits and Outcomes
    Accurate view on current and near-future IT-related events
    End-to-end guidance on how to manage IT-related risks
    Understanding of how to capitalise on the investment made in an IT internal control system already in place
    Integration with the overall risk and compliance structures within the enterprise
    Common language to help manage the relationships
    Promotion of risk ownership throughout the organisation
    Complete risk profile to better understand risk

    Reference:
    Csanad, 2010, The Importance of Financial Statements, Available at:http://hubpages.com/hub/The-Importance-of-financial-statements [Accessed 6th May 2010]
    (view changes)
    7:23 am
  2. page IT Strategy edited ... IT and external auditors Regulators Risk Response The The purpose of ... risk analys…
    ...
    IT and external auditors
    Regulators
    Risk Response
    The

    The
    purpose of
    ...
    risk analysis.
    In other words, a response needs to be defined such that future residual risk (=current risk with the risk response defined and implemented) is as much as possible (usually depending on budgets available) within risk tolerance limits.
    {risk_response.jpg} Figure showing Risk Response
    Reference:
    Csanad, 2010, The Importance of Financial Statements, Available at:http://hubpages.com/hub/The-Importance-of-financial-statements [Accessed 6th May 2010]
    (view changes)
    7:23 am
  3. 7:21 am
  4. page IT Strategy edited ... IT and external auditors Regulators Risk Response The purpose of defining a risk response…
    ...
    IT and external auditors
    Regulators
    Risk Response
    The purpose of defining a risk response is to bring risk in line with the defined risk tolerance for the enterprise after due risk analysis.
    In other words, a response needs to be defined such that future residual risk (=current risk with the risk response defined and implemented) is as much as possible (usually depending on budgets available) within risk tolerance limits.

    Reference:
    Csanad, 2010, The Importance of Financial Statements, Available at:http://hubpages.com/hub/The-Importance-of-financial-statements [Accessed 6th May 2010]
    (view changes)
    7:21 am
  5. page IT Strategy edited ... Risk IT provides a balanced view of an enterprise’s IT-related business risks: – Brings toget…
    ...
    Risk IT provides a balanced view of an enterprise’s IT-related business risks:
    – Brings together all aspects of IT risk, including value, change, availability, security, project and recovery.
    ...
    IT security) (see next slide).
    – Offers
    ...
    and opportunities.
    Who Benefits From Risk IT?
    Boards and executive management; C-suite
    Corporate and operational risk managers
    IT management
    IT service managers
    IT security managers
    Enterprise governance officers
    Business managers
    IT and external auditors
    Regulators

    Reference:
    Csanad, 2010, The Importance of Financial Statements, Available at:http://hubpages.com/hub/The-Importance-of-financial-statements [Accessed 6th May 2010]
    (view changes)
    7:18 am
  6. page IT Strategy edited ... Helps leadership understand the enterprise’s risk appetite and risk tolerance Provides practi…
    ...
    Helps leadership understand the enterprise’s risk appetite and risk tolerance
    Provides practical guidance driven by the needs of enterprise leadership around the world
    Risk IT provides a balanced view of an enterprise’s IT-related business risks:
    – Brings together all aspects of IT risk, including value, change, availability, security, project and recovery.
    – Other standards and frameworks are either too generic (e.g., ERM-oriented) or too focused on one aspect (e.g., IT security) (see next slide).
    – Offers a single, comprehensive view of IT-related business risks, which can cost companies millions annually in lost revenues and opportunities.

    Reference:
    Csanad, 2010, The Importance of Financial Statements, Available at:http://hubpages.com/hub/The-Importance-of-financial-statements [Accessed 6th May 2010]
    (view changes)
    7:17 am
  7. page IT Strategy edited ... Obsolete or inflexible IT architecture IT service delivery problems What Risk IT Offers Pr…
    ...
    Obsolete or inflexible IT architecture
    IT service delivery problems
    What Risk IT Offers
    Provides guidance to help executives and management ask the key questions, make better, more informed risk-adjusted decisions and guide their enterprises so risk is managed effectively
    Helps save time, cost and effort with tools to address business risks
    Integrates the management of IT-related business risks into overall enterprise risk management
    Helps leadership understand the enterprise’s risk appetite and risk tolerance
    Provides practical guidance driven by the needs of enterprise leadership around the world

    Reference:
    Csanad, 2010, The Importance of Financial Statements, Available at:http://hubpages.com/hub/The-Importance-of-financial-statements [Accessed 6th May 2010]
    (view changes)
    7:17 am
  8. page IT Strategy edited ... Important to integrate with existing levels of risk management practices. {risk.jpg} Figure …
    ...
    Important to integrate with existing levels of risk management practices.
    {risk.jpg} Figure showing IT Related Focus
    IT-related Risk Management
    Risk IT is not limited to information security. It covers all IT-related risks, including:
    Late project delivery
    Not achieving enough
    value from IT
    Compliance
    Misalignment
    Obsolete or inflexible IT architecture
    IT service delivery problems

    Reference:
    Csanad, 2010, The Importance of Financial Statements, Available at:http://hubpages.com/hub/The-Importance-of-financial-statements [Accessed 6th May 2010]
    (view changes)
    7:16 am
  9. page IT Strategy edited ... Need to cross IT silos of risk management. Important to integrate with existing levels of ris…
    ...
    Need to cross IT silos of risk management.
    Important to integrate with existing levels of risk management practices.
    {risk.jpg} Figure showing IT Related Focus
    Reference:
    Csanad, 2010, The Importance of Financial Statements, Available at:http://hubpages.com/hub/The-Importance-of-financial-statements [Accessed 6th May 2010]
    (view changes)
    7:15 am
  10. file risk.jpg uploaded
    7:14 am

More