17
Aleksandra Kosior 50593 *

IT Risk Management

Tags:

Embed Size (px)

Citation preview

Page 1: IT Risk Management

Aleksandra Kosior

50593

*

Page 2: IT Risk Management

*

1. IT Risk Management – the basics

2. The most pressing issues

3. Managing the risk

Basic IT risks

Managing risks as a process, not an action

4. The challenges

5. Conclusion

Page 3: IT Risk Management

*

Page 4: IT Risk Management

*

*The IT risk management is the application of risk management to Information technology context in order to manage IT risk, i.e.:

*The business risk associated with the use, ownership, operation, involvement, influence and adoption of IT within an enterprise

Page 5: IT Risk Management

*

Source: ISACA

Page 6: IT Risk Management

*

0%

10%

20%

30%

40%

50%

60%

70%

80%

90%

100%

Minimal risk

Some risk

Serious risk

Business critical

Source: IT Risk Management Survey by EY

Page 7: IT Risk Management

*

Page 8: IT Risk Management

*

*1. Increased exposure to internal treats

*2. Challenge for skilled staff

*3. Cloud computing

*4. Increasing regulation

*5. Accelerating change agenda

Source: IT Risk Management Survey by EY

Page 9: IT Risk Management

*

*1: Key personnel losses in user areas

*2: Merger and acquisition fallout

*3: Poor communications

*4: Carelessness with vendors

*5: Board engagement in decision-making

*6: Distributed servers in remote locations

*7: Expert knowledge hoarding

*8: Employee dating and spouses

*9: Lack of documentation

*10: Your Disaster Recovery (DR) plan

Source: 10 IT Risk Management Issues that are often overlooked by Mary Shacklett, Tech republic

Page 10: IT Risk Management

*

Page 11: IT Risk Management

*

Page 12: IT Risk Management

RISK

AVOID

ACCEPT

REDUCE

TRANSFER

*

Page 13: IT Risk Management

*

Page 14: IT Risk Management

*

Page 15: IT Risk Management

*

Page 16: IT Risk Management

*

1.Improving Third-Party Risk Management

2.Tune Risk Management For Greater

Flexibility And Response

3.Use More Data To Assess Risks

4.Collaborate With Business Users For More

Pervasive Risk Management

5.Balance Preventative Controls With

Detective Controls

Source: Top 5 IT Risk Management Resolutions For 2014 by Ericka Chickowski; darkReading Security

Page 17: IT Risk Management

*


IT RISK MANAGEMENT AND CLOUD SECURITY

IT RISK MANAGEMENT AND CLOUD SECURITY

Documents
How to Implement Risk Management So It Is … · How to Implement Risk Management So It Is ... & Reliability reactive Anticipatory ... 5.3.4 Risk Management Process Context

How to Implement Risk Management So It Is … · How to Implement Risk Management So It Is ... & Reliability reactive Anticipatory ... 5.3.4 Risk Management Process Context

Documents
Tuning the IT Risk Management Radar - KPMG | US the IT Risk Management ... company IT risk profile through smart process design, ... of risk and the methods for risk-based controls

Tuning the IT Risk Management Radar - KPMG | US the IT Risk Management ... company IT risk profile through smart process design, ... of risk and the methods for risk-based controls

Documents
IT Risk Management Guide

IT Risk Management Guide

Documents
Risk Management. 35 Risk Definitions Risk Management The practice of dealing with project risk. It includes planning for risk, assessing risk, developing

Risk Management. 35 Risk Definitions Risk Management The practice of dealing with project risk. It includes planning for risk, assessing risk, developing

Documents
IT Infrastructure Risk Management - Scale Computing · IT Infrastructure Risk Management How Scale Computing Helps Manage Risk in Infrastructure Technical Whitepaper. ... With traditional

IT Infrastructure Risk Management - Scale Computing · IT Infrastructure Risk Management How Scale Computing Helps Manage Risk in Infrastructure Technical Whitepaper. ... With traditional

Documents
IT Risk Management

IT Risk Management

Business
Risk Management in IT Services

Risk Management in IT Services

Technology
IT Risk Management Life Cycle and enabling it with GRC ... · IT Risk Management Life Cycle and enabling it with GRC Technology 21 March 2013. ... Management is demanding more comprehensive,

IT Risk Management Life Cycle and enabling it with GRC ... · IT Risk Management Life Cycle and enabling it with GRC Technology 21 March 2013. ... Management is demanding more comprehensive,

Documents
Introduction IT Risk Management Chap1

Introduction IT Risk Management Chap1

Documents
IT Risk Management - the right posture

IT Risk Management - the right posture

Documents
IT Policy, RISK MANAGEMENT

IT Policy, RISK MANAGEMENT

Business
Risk optimization management inside it governance

Risk optimization management inside it governance

Technology
Risk Management. IT Controls Risk management process Risk management process IT controls IT controls IT Governance Frameworks IT Governance Frameworks

Risk Management. IT Controls Risk management process Risk management process IT controls IT controls IT Governance Frameworks IT Governance Frameworks

Documents
The Convergence of Enterprise, IT and Security Risk Management · The Convergence of Enterprise, IT and Security Risk Management Sonal Sinha, ... Risk Management, Cyber Security,

The Convergence of Enterprise, IT and Security Risk Management · The Convergence of Enterprise, IT and Security Risk Management Sonal Sinha, ... Risk Management, Cyber Security,

Documents
IT Risk Management, Planning and Mitigation

IT Risk Management, Planning and Mitigation

Documents
IT GRC, Soluzioni Risk Management

IT GRC, Soluzioni Risk Management

Technology
Understanding IT Governance and Risk Management

Understanding IT Governance and Risk Management

Business
IT Risk Management Services

IT Risk Management Services

Documents
Risk Return Analysis - IT infrastructure - Risk Management

Risk Return Analysis - IT infrastructure - Risk Management

Business
Operational Risk Management for IT infrastructure · Operational Risk Management for IT infrastructure IWI jour fixe ... Combination of financial risk mgmt and IT mgmt theory

Operational Risk Management for IT infrastructure · Operational Risk Management for IT infrastructure IWI jour fixe ... Combination of financial risk mgmt and IT mgmt theory

Documents
An IT Risk & Compliance Management System

An IT Risk & Compliance Management System

Documents
IT MANAGEMENT IN BANKS, RISK MANAGEMENT OF „IT”

IT MANAGEMENT IN BANKS, RISK MANAGEMENT OF „IT”

Documents
Proactive IT security and risk management

Proactive IT security and risk management

Technology
Implementation of the SALGA ICT Capability Maturity ... · 2.1 IT Risk Management Assessment 2.2 IT Risk Management Framework & Plan 2.3 Risk Register Procedure 3. IT Security: 3.1

Implementation of the SALGA ICT Capability Maturity ... · 2.1 IT Risk Management Assessment 2.2 IT Risk Management Framework & Plan 2.3 Risk Register Procedure 3. IT Security: 3.1

Documents
YHCG - IT Security and Risk Management

YHCG - IT Security and Risk Management

Documents
Kpmg Information Risk Management IT Governance & Risk Management A paradigm of the relationship between Information Risk Management and IT Governance Graham

Kpmg Information Risk Management IT Governance & Risk Management A paradigm of the relationship between Information Risk Management and IT Governance Graham

Documents
IT Risk Management Report

IT Risk Management Report

Documents
Yhcg - IT security and risk management

Yhcg - IT security and risk management

Technology
IT Security management and risk assessment

IT Security management and risk assessment

Technology