Upload
aleksandra-kosior
View
282
Download
1
Tags:
Embed Size (px)
Citation preview
Aleksandra Kosior
50593
*
*
1. IT Risk Management – the basics
2. The most pressing issues
3. Managing the risk
Basic IT risks
Managing risks as a process, not an action
4. The challenges
5. Conclusion
*
*
*The IT risk management is the application of risk management to Information technology context in order to manage IT risk, i.e.:
*The business risk associated with the use, ownership, operation, involvement, influence and adoption of IT within an enterprise
*
Source: ISACA
*
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
Minimal risk
Some risk
Serious risk
Business critical
Source: IT Risk Management Survey by EY
*
*
*1. Increased exposure to internal treats
*2. Challenge for skilled staff
*3. Cloud computing
*4. Increasing regulation
*5. Accelerating change agenda
Source: IT Risk Management Survey by EY
*
*1: Key personnel losses in user areas
*2: Merger and acquisition fallout
*3: Poor communications
*4: Carelessness with vendors
*5: Board engagement in decision-making
*6: Distributed servers in remote locations
*7: Expert knowledge hoarding
*8: Employee dating and spouses
*9: Lack of documentation
*10: Your Disaster Recovery (DR) plan
Source: 10 IT Risk Management Issues that are often overlooked by Mary Shacklett, Tech republic
*
*
RISK
AVOID
ACCEPT
REDUCE
TRANSFER
*
*
*
*
*
1.Improving Third-Party Risk Management
2.Tune Risk Management For Greater
Flexibility And Response
3.Use More Data To Assess Risks
4.Collaborate With Business Users For More
Pervasive Risk Management
5.Balance Preventative Controls With
Detective Controls
Source: Top 5 IT Risk Management Resolutions For 2014 by Ericka Chickowski; darkReading Security
*