IT Risk Assessment and Risk Management
Hands-on practice with thorough explanations, presentations, demos, and small standalone exercises during the training.
A 1-2 day seminar for management (CEO/COO/CFO/CMO), finance, HR, legal, technical management (CTO/CIO/CISO), infrastructure architects, software architects, and project managers.
This training is for
Management (CEO/COO/CFO/CMO)
Legal
Software architects
Finance
Technical management (CTO/CIO/CISO)
Project managers
HR
Infrastructure architects
Agenda
1. IT Risk overview & principles
Permanent connection to business objectives
Enterprise risk appetite and risk tolerance
Balancing costs and benefits of managing IT Risk
Promoting fair and open communication of IT Risk
RACI charts (responsible, accountable, consulted, informed)
IT Risk as a continuous process
Integrating IT Risk into overall Enterprise Risk Management (ERM)
Understand how to respond to IT Risk
2. The CoBIT Risk IT Framework
Set of defined governance practices
End-to-end process framework for successful IT risk management
Generic list of common, potentially adverse, IT-related risk scenarios that could impact business objectives
Tools and techniques needed to understand concrete risks to business operations
Risk Governance
- Establish and Maintain a Common Risk View
- Integrate with Enterprise Risk Management (ERM)
- Make Risk-aware Business Decisions
Risk Evaluation (Collect Data, Analyze Risk, Maintain Risk Profile)
Risk Response (Articulate Risk, Manage Risk, React to Events)
3. The CoBIT Risk IT Practitioner Guide
Building scenarios, based on a set of generic IT risk scenarios
Building a risk map, using techniques to describe the impact and frequency of scenarios
Building impact criteria with business relevance
Defining KRIs (Key Risk Indicators)