IT Risk Management

Aleksandra Kosior

1. IT Risk Management – the basics

2. The most pressing issues

3. Managing the risk

Basic IT risks

Managing risks as a process, not an action

4. The challenges

5. Conclusion

*The IT risk management is the application of risk management to Information technology context in order to manage IT risk, i.e.:

*The business risk associated with the use, ownership, operation, involvement, influence and adoption of IT within an enterprise

Source: ISACA

Minimal risk

Some risk

Serious risk

Business critical

Source: IT Risk Management Survey by EY

*1. Increased exposure to internal treats

*2. Challenge for skilled staff

*3. Cloud computing

*4. Increasing regulation

*5. Accelerating change agenda

Source: IT Risk Management Survey by EY

*1: Key personnel losses in user areas

*2: Merger and acquisition fallout

*3: Poor communications

*4: Carelessness with vendors

*5: Board engagement in decision-making

*6: Distributed servers in remote locations

*7: Expert knowledge hoarding

*8: Employee dating and spouses

*9: Lack of documentation

*10: Your Disaster Recovery (DR) plan

Source: 10 IT Risk Management Issues that are often overlooked by Mary Shacklett, Tech republic

ACCEPT

REDUCE

TRANSFER

1.Improving Third-Party Risk Management

2.Tune Risk Management For Greater

Flexibility And Response

3.Use More Data To Assess Risks

4.Collaborate With Business Users For More

Pervasive Risk Management

5.Balance Preventative Controls With

Detective Controls

Source: Top 5 IT Risk Management Resolutions For 2014 by Ericka Chickowski; darkReading Security

IT Risk Management

Business

How to Implement Risk Management So It Is … · How to Implement Risk Management So It Is ... & Reliability reactive Anticipatory ... 5.3.4 Risk Management Process Context

IT Risk Management

IT Risk Management Report

Risk Management. IT Controls Risk management process Risk management process IT controls IT controls IT Governance Frameworks IT Governance Frameworks

Risk Management IT Security - Europa

An IT Risk & Compliance Management System

Operational Risk Management for IT infrastructure · Operational Risk Management for IT infrastructure IWI jour fixe ... Combination of financial risk mgmt and IT mgmt theory

Risk Management in IT Services

BeyondInsight IT Risk Management Platform - … · and virtual infrastructure ... A Collaborative Approach to IT Risk Management The BeyondInsight™ IT Risk Management Platform is

Proactive IT security and risk management

Risk optimization management inside it governance

YHCG - IT Security and Risk Management

IT Risk and Security Management Services

ISO 31000 - Risk management brochure - standard.no 31000 Risk management - EN_LR.pdf · 2 – ISO 31000, Risk management ISO 31000, Risk management – 3 Why was it revised? All ISO

IT Risk Management Guide

CYBERSECURITY - njbankers.com...– Financial Risk Management – Technology Risk Management – Operations and Process Improvement – IT Compliance (Risk Director) and Cybersecurity

Implementation of the SALGA ICT Capability Maturity ... · 2.1 IT Risk Management Assessment 2.2 IT Risk Management Framework & Plan 2.3 Risk Register Procedure 3. IT Security: 3.1

Yhcg - IT security and risk management

IT Infrastructure Risk Management - Scale Computing · IT Infrastructure Risk Management How Scale Computing Helps Manage Risk in Infrastructure Technical Whitepaper. ... With traditional

The Convergence of Enterprise, IT and Security Risk Management · The Convergence of Enterprise, IT and Security Risk Management Sonal Sinha, ... Risk Management, Cyber Security,