RISK IT Framework and Practitioner Guide published

The Risk IT Framework fills the gap between generic risk management frameworks and detailed (primarily security-related) IT risk management frameworks. It provides an end-to-end, comprehensive view of all risks related to the use of IT and a similarly thorough treatment of risk management, from the tone and culture at the top, to operational issues. In summary, the framework will enable enterprises to understand and manage all significant IT risk types, building upon the existing risk related components within the current ISACA frameworks, i.e., COBIT and Val IT.

The Risk IT Brochure & Framework are available free for everybody to download. The Risk IT Practitioner Guide with the toolkit can be freely downloaded by ISACA members. All these publications may be purchased in book format.

The Risk IT Brochure
â– What is Risk IT?
â– What does Risk IT do?
â– What are the benefits of using Risk IT?

The Risk IT Framework

  • Principles
  • Process Details
  • Management Guidelines
  • Maturity Models

The Risk IT Practitioner Guide

  • Risk Universe, Appetite and Tolerance
  • Risk Awareness, Communication and Reporting
  • Expressing and Describing Risk, Risk Scenarios
  • Risk Responses and Prioritisation
  • Using COBIT® and Val ITTM

The Risk IT Practitioner Guide Toolkit

  • High-level IT Risk Assessment Form
  • Risk Communication Flows
  • Template Risk Register Entry
  • Generic IT Risk Scenarios
  • Generic IT Risk Scenarios Mapped to COBIT and Val IT Processes
  • Generic IT Risk Scenarios and Environmental Risk Factors
  • COBIT Controls and Val IT Key Management Practices to Mitigate IT Risk