The ISACA Risk IT Framework
Source: Mash Risk Television
ValueBridge Advisors
Brian Barnier, Principal
Runtime: 6:57
Barnier was a co-developer of The Risk IT Framework.
Key Takeaways:
- Developed by ISACA, The Risk IT Framework is the first global IT-related risk guidance to provide a comprehensive view of business risks related to IT initiatives.
- The Risk IT Framework is not limited to information security. It covers all IT-related risks, including:
- Late project delivery
- Not achieving enough value from IT
- Compliance
- Misalignment
- Obsolete or inflexible IT architecture
- IT service delivery problems
- The Risk IT Framework is based on the principles of enterprise risk management standards/frameworks such as COSO ERM and AS/NZS 4360.
- Benefits and Outcomes of The Risk IT Framework:
- Accurate view on current and near-future IT-related events
- End-to-end guidance on how to manage IT-related risks
- Understanding of how to capitalise on the investment made in an IT internal control system already in place
- Integration with the overall risk and compliance structures within the enterprise
- Common language to help manage the relationships
- Promotion of risk ownership throughout the organisation
- Complete risk profile to better understand risk
- The Risk IT Framework is available from ISACA as a free download at www.isaca.org/riskit.