The Risk IT Framework

  • 2h 3m
  • 2009

Risk IT is a set of proven, real-world practices that helps enterprises achieve their goals, seize opportunities and seek greater return with less risk. It works at the intersection of business and IT and allows enterprises to manage—and even capitalize on—risk in the pursuit of their objectives. It extends COBIT, the globally recognized IT governance framework, and saves time, cost and effort by providing enterprises with a way to focus effectively on IT-related business risk areas, including risks related to late project delivery, compliance, misalignment, obsolete IT architecture and IT service delivery problems.

The Risk IT Framework provides a set of guiding principles and supporting practices for enterprise management, combined to deliver a comprehensive process model for governing and managing IT risk. For users of COBIT and Val IT, this process model will look familiar. Guidance is provided on the key activities within each process, responsibilities for the process, information flows between processes and performance management of each process. The model is divided into three domains—Risk Governance, Risk Evaluation, Risk Response—each containing three processes:

  • Risk Governance
    • Establish and maintain a common risk view
    • Integrate with enterprise risk management
    • Make risk-aware business decisions
  • Risk Evaluation
    • Collect data
    • Analyze risk
    • Maintain risk profile
  • Risk Response
    • Articulate risk
    • Manage risk
    • React to events

In this Book

  • Executive Summary
  • Risk IT Framework—Purpose and Target Audience
  • Risk IT Principles
  • The Risk IT Framework
  • Essentials of Risk Governance
  • Essentials of Risk Evaluation
  • Essentials of Risk Response
  • Risk and Opportunity Management Using COBIT, Val IT and Risk IT
  • The Risk IT Framework Process Model Overview
  • Managing Risk in Practice—The Practitioner Guide Overview
  • Overview of the Risk IT Framework Process Model
  • The Risk IT Framework
  • Overview of Reference Materials
  • Other ISACA Publications