Search results
Jump to navigation
Jump to search
Page title matches
- ...risk management method is in the context of project management, security, risk analysis, industrial processes, financial portfolios, actuarial assessments ...of the risk, and accepting some or all of the consequences of a particular risk. ...27 KB (4,185 words) - 23:45, 10 March 2010
- ==Risk Mitigation== ...esholds and parameters. While not a control, insurance can be an effective risk mitigation tool. Management should balance controls against business operat ...655 bytes (85 words) - 19:15, 17 April 2007
- ==Risk Analysis== Risk analysis is a technique to identify and assess factors that may jeopardize ...1 KB (215 words) - 18:32, 13 April 2007
- ...ess. Risk assessment is [[measurement|measuring]] two quantities of the [[risk]] ''R'', the magnitude of the potential loss ''L'', and the probability ''p :[[image:risk.jpg|thumb|400px|Risk]] ...10 KB (1,633 words) - 16:03, 22 December 2007
- ==IT Risk Management Process== ...ent process. Therefore, the ability to mitigate IT risks is dependent upon risk assessments. Senior management should identify, measure, control, and monit ...4 KB (528 words) - 16:58, 28 March 2010
- 193 bytes (24 words) - 10:57, 16 March 2010
- ==Risk Management== ...cepting some or all of the consequences of a particular risk. Traditional risk management focuses on risks stemming from physical or legal causes (e.g. na ...43 KB (6,368 words) - 11:22, 4 July 2015
- [[File:Risk-Calculator-Flowchart-Generic-MDP-2013122401.jpg]] ...3 KB (411 words) - 12:27, 16 October 2014
- 2 KB (382 words) - 20:24, 27 February 2008
- ...anized, systematic approach, you can approach risk management effectively. Risk simply put is the negative impact to business assets by the exercise of vul ...am for a commercial enterprise, the processes of calculating the cost of a risk exposure and what the appropriate costs of mitigating those risks should be ...23 KB (3,630 words) - 10:19, 27 October 2012
- '''Sustainable Risk Reduction Through Information Security Process Awareness Test Template.'''< ...by <Your Company Name> to gauge and promote end-user awareness of managing risk with the use of security processes.<br> ...2 KB (305 words) - 17:31, 3 August 2006
- '''Sustainable Risk Reduction Through Information Security Process Awareness Test Template.'''< ...by <Your Company Name> to gauge and promote end-user awareness of managing risk with the use of security processes.<br> ...2 KB (309 words) - 17:34, 3 August 2006
Page text matches
- ==Risk Analysis== Risk analysis is a technique to identify and assess factors that may jeopardize ...1 KB (215 words) - 18:32, 13 April 2007
- ==Risk Mitigation== ...esholds and parameters. While not a control, insurance can be an effective risk mitigation tool. Management should balance controls against business operat ...655 bytes (85 words) - 19:15, 17 April 2007
- '''ME 4.5 Risk Management'''<br> ...sight, and their actual and potential business impact. The enterprise’s IT risk position should be transparent to all stakeholders.<br> ...2 KB (334 words) - 13:36, 4 May 2006
- ...nt]], [[Contingency Plan Testing]], and [[Risk_Assessment_and_Treatment: | Risk Management]]. ...464 bytes (58 words) - 13:24, 30 April 2007
- '''1. Risk: Unauthorized access attempts go unnoticed.'''<br> '''2. Risk: Unauthorized execution of privileged system commands may disrupt business ...6 KB (766 words) - 13:42, 23 June 2006
- '''Sustainable Risk Reduction Through Information Security Process Awareness Test Template.'''< ...by <Your Company Name> to gauge and promote end-user awareness of managing risk with the use of security processes.<br> ...2 KB (305 words) - 17:31, 3 August 2006
- '''Sustainable Risk Reduction Through Information Security Process Awareness Test Template.'''< ...by <Your Company Name> to gauge and promote end-user awareness of managing risk with the use of security processes.<br> ...2 KB (309 words) - 17:34, 3 August 2006
- '''PO 9.1 IT and Business Risk Management Alignment'''<br> ...amework. This includes alignment with the organization’s risk appetite and risk tolerance level.<br> ...3 KB (377 words) - 14:10, 8 August 2006
- '''1. Risk: Unauthorized users might exploit unauthorized access to critical business '''2. Risk: Unnecessary disruptions to business processes or data corruption may occur ...6 KB (729 words) - 13:40, 23 June 2006
- '''1 Risk: Unauthorized access attempts go unnoticed.'''<br> '''2. Risk: Unauthorized execution of privileged system commands may disrupt business ...6 KB (821 words) - 18:11, 28 August 2006
- '''1. Risk: Unauthorized access attempts go unnoticed.'''<br> '''2. Risk: Unauthorized execution of privileged system commands may disrupt business ...6 KB (779 words) - 13:45, 23 June 2006
- '''1. Risk: Unauthorized access attempts go unnoticed.'''<br> '''2. Risk: Unauthorized execution of privileged system commands may disrupt business ...6 KB (816 words) - 13:41, 23 June 2006
- ...tion Through Information Security Process Testing Template:|'''Sustainable Risk Reduction Through Information Security Process Testing Template''']]<br> ...questions can be used to gauge and promote end-user awareness of managing risk with the use of security processes.<br> ...2 KB (289 words) - 16:08, 3 August 2006
- '''PO 9.2 Establishment of Risk Context'''<br> ...comes. This includes determining the internal and external context of each risk assessment, the goal of the assessment and the criteria against which risks ...2 KB (317 words) - 20:10, 1 May 2006
- '''1. Risk: Unauthorized access attempts go unnoticed.'''<br> '''2. Risk: Unauthorized execution of privileged system commands may disrupt business ...7 KB (901 words) - 13:44, 23 June 2006
- '''1 Risk: Unauthorized access attempts go unnoticed.'''<br> '''2. Risk: Unauthorized execution of privileged system commands may disrupt business ...7 KB (895 words) - 13:44, 23 June 2006
- '''1. Risk: Unauthorized access attempts go unnoticed.'''<br> '''2. Risk: Unauthorized execution of privileged system commands may disrupt business ...7 KB (901 words) - 13:43, 23 June 2006
- ...selection and design of the layout of a site should take into account the risk associated with natural and man-made disasters, while considering relevant '''Risk Association Control Activities:'''<br> ...2 KB (350 words) - 18:15, 5 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Job schedules can be easily ignored or circumvented, resulting in processi ...3 KB (467 words) - 18:39, 5 May 2006
- ==IT Risk Management Process== ...ent process. Therefore, the ability to mitigate IT risks is dependent upon risk assessments. Senior management should identify, measure, control, and monit ...4 KB (528 words) - 16:58, 28 March 2010
- '''Risk Association Control Activities:''' ...ot meet business, compliance and regulatory needs of the business inducing risk.'''<br> ...3 KB (408 words) - 16:10, 25 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Computer equipment may be compromised by accidental damage.''' ...2 KB (267 words) - 18:29, 5 May 2006
- '''Risk Association Control Activities:'''<br> ...ot meet business, compliance and regulatory needs of the business inducing risk.'''<br> ...4 KB (517 words) - 18:12, 21 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Computer equipment may be compromised by accidental damage.''' ...2 KB (268 words) - 15:01, 8 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Development and maintenance of system with potential impact to financial r ...4 KB (583 words) - 12:06, 23 June 2006
- ==Risk Association Control Activities:== ...ot meet business, compliance and regulatory needs of the business inducing risk.'''<br> ...3 KB (366 words) - 18:00, 25 April 2007
- ...a classification, the organization’s information security architecture and risk profile. Issues to consider include access rights and privilege management, '''Risk Association Control Activities:'''<br> ...3 KB (374 words) - 15:05, 3 May 2006
- '''PO 9.4 Risk Assessment'''<br> ...e methods. The likelihood and impact associated with inherent and residual risk should be determined individually, by category and on a portfolio basis.<br ...2 KB (304 words) - 20:21, 1 May 2006
- ==AI 1.2 Risk Analysis Report== ==Risk Association Control Activities:== ...2 KB (269 words) - 23:52, 14 June 2007
- '''PO 9.5 Risk Response'''<br> ...fits and select responses that constrain residual risks within the defined risk tolerance levels.<br> ...5 KB (738 words) - 20:24, 1 May 2006
- '''PO 4.8 Responsibility for Risk, Security and Compliance'''<br> ...ity issues. Obtain direction from senior management on the appetite for IT risk and approval of any residual IT risks.<br> ...3 KB (370 words) - 18:04, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Controls provide reasonable assurance that policies and procedures that de ...3 KB (471 words) - 12:32, 23 June 2006
- '''PO 9.6 Maintenance and Monitoring of a Risk Action Plan'''<br> Prioritize and plan the control activities at all levels to implement the risk responses identified as necessary, including identification of costs, benef ...2 KB (325 words) - 01:16, 2 May 2006
- '''PO 10.9 Project Risk Management'''<br> '''Risk Association Control Activities:'''<br> ...3 KB (403 words) - 12:37, 23 June 2006
- ==Risk Association Control Activities:== ::'''1. Risk: Conflicting access credential may violate confidentiality, [[Privacy | pri ...3 KB (362 words) - 23:55, 14 June 2007
- ==Risk Association Control Activities:== ::'''1. Risk: Operational failures may not be identified and resolved in an appropriate, ...2 KB (297 words) - 18:35, 25 April 2007
- ...requirements regarding delivery of value from IT investments, appetite for risk, integrity, ethical values, staff competence, accountability and responsibi '''Risk Association Control Activities:'''<br> ...4 KB (580 words) - 18:00, 23 June 2006
- ...ot meet business, compliance and regulatory needs of the business inducing risk.'''<br> ...2 KB (295 words) - 15:33, 25 June 2006
- ::'''1. Risk: The transfer of programs into the live environment is not appropriately co 1. Determine that a risk assessment of the potential impact of changes to system software is perform ...2 KB (303 words) - 19:58, 23 June 2006
- ...tion processing. Without an adequate infrastructure, there is an increased risk that financial reporting applications will not be able to pass data between '''Risk Association Control Activities:'''<br> ...4 KB (496 words) - 17:26, 21 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: The transfer of programs into the live environment may not be appropriatel ...3 KB (432 words) - 13:02, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security and business continuity risks are introduced by technical designs ...3 KB (436 words) - 14:30, 4 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security and business continuity risks are introduced by technical designs ...3 KB (442 words) - 13:59, 23 June 2006
- ...ot meet business, compliance and regulatory needs of the business inducing risk.'''<br> ...2 KB (291 words) - 16:02, 25 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Controls provide reasonable assurance that policies and procedures that de ...5 KB (700 words) - 18:07, 23 June 2006
- ...process that identifies threats, vulnerabilities, and results in a formal risk assessment. ...2 KB (294 words) - 14:46, 2 March 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Development and maintenance of system with potential impact to financial r ...4 KB (524 words) - 15:03, 25 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Information security and business requirements may be compromised. Inaccur ...3 KB (460 words) - 16:08, 21 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Controls provide reasonable assurance that the systems are appropriately t ...3 KB (396 words) - 14:02, 23 June 2006
- ...nce against key project criteria (e.g., scope, schedule, quality, cost and risk); identify any deviations from plan; assess their impact on the project and '''Risk Association Control Activities:'''<br> ...3 KB (368 words) - 02:03, 2 May 2006
- '''Risk Association Control Activities:'''<br> ...ot meet business, compliance and regulatory needs of the business inducing risk.'''<br> ...3 KB (459 words) - 17:56, 21 June 2006
- ...ess. Risk assessment is [[measurement|measuring]] two quantities of the [[risk]] ''R'', the magnitude of the potential loss ''L'', and the probability ''p :[[image:risk.jpg|thumb|400px|Risk]] ...10 KB (1,633 words) - 16:03, 22 December 2007
- ==Risk Association Control Activities:== ...2 KB (272 words) - 18:05, 25 April 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Financial systems fail due to a lack of operational procedures being execu ...4 KB (550 words) - 14:34, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security and business continuity risks are introduced by technical designs ...3 KB (394 words) - 17:12, 22 March 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Conflicting access credential may violate confidentiality, privacy, or pos ...3 KB (382 words) - 18:02, 3 May 2006
- ==Risk Association Control Activities:== ...2 KB (270 words) - 18:10, 25 April 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Business requirements are not met or inadequately tested. Systems produce ...3 KB (394 words) - 11:59, 23 June 2006
- ==Risk Association Control Activities:== ...2 KB (278 words) - 18:21, 25 April 2007
- ...capacity forecasting of IT resources at regular intervals to minimize the risk of service disruptions due to insufficient capacity or performance degradat '''Risk Association Control Activities:'''<br> ...3 KB (490 words) - 13:42, 4 May 2006
- ...iness Security Evaluation - Comprehensive information security control and risk assessment guidance for the enterprise demystified. This presentation was o ...s covers security and business risks, anatomy of an attack, and a security risk discussion exercise.<br> ...5 KB (653 words) - 12:45, 25 April 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security and business continuity risks are introduced by technical designs ...3 KB (497 words) - 14:57, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Lost data could significantly impact financial reporting.''' ...5 KB (721 words) - 11:49, 28 March 2008
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Operational failures may not be identified and resolved in an appropriate, ...2 KB (275 words) - 18:47, 5 May 2006
- ==Risk Association Control Activities:== ...2 KB (303 words) - 18:16, 25 April 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security incidents and incompliance with information security procedures m ...4 KB (601 words) - 15:01, 8 August 2006
- Translate business information requirements, IT configuration, information risk action plans and information security culture into an overall IT security p '''Risk Association Control Activities:''' ...10 KB (1,333 words) - 17:44, 25 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Controls provide reasonable assurance that the systems are appropriately t ...3 KB (436 words) - 12:51, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Systems do not meet business needs because not all business functional and ...4 KB (510 words) - 13:54, 1 May 2006
- * Assignment of responsibility for remediation (can include risk acceptance).<br> '''Risk Association Control Activities:'''<br> ...2 KB (286 words) - 13:05, 4 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Mission critical data is not available to restart applications due to syst ...2 KB (294 words) - 14:52, 4 May 2006
- ...dures in this booklet assist examiners in evaluating financial institution risk management processes to ensure effective information technology (IT) manage ...s an essential component of effective corporate governance and operational risk management.<br> ...5 KB (645 words) - 18:03, 27 April 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Design and implementation of new applications may not be appropriately con ...3 KB (424 words) - 17:01, 21 June 2006
- ==Risk Association Control Activities:== ...2 KB (290 words) - 17:49, 25 April 2007
- ::'''1. Risk: Without an adequate infrastructure, there is an increased risk that financial reporting applications will not be able to pass data between ...3 KB (364 words) - 17:41, 21 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Financial systems fail due to a lack of operational procedures being execu ...3 KB (427 words) - 17:58, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Controls provide reasonable assurance that the systems are appropriately t ...3 KB (428 words) - 14:05, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Production processes and associated controls operate as intended and suppo ...3 KB (421 words) - 18:02, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: The impact of application system changes (e.g., hardware and software) sho ...3 KB (425 words) - 13:19, 23 June 2006
- [[Risk Assessment and Treatment:|'''Risk Assessment and Treatment''']]<br> ==COSO Enterprise Risk Management Framework Domains:== ...3 KB (378 words) - 21:27, 18 January 2015
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Production processes and associated controls operate as intended and suppo ...3 KB (420 words) - 14:06, 8 August 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Users may have inappropriate access to the application system.'''<br> ...2 KB (307 words) - 15:06, 3 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security incidents and incompliance with information security procedures m ...2 KB (303 words) - 17:36, 5 May 2006
- '''Risk Association Control Activities:'''<br> ...ot meet business, compliance and regulatory needs of the business inducing risk.'''<br> ...6 KB (870 words) - 18:08, 21 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Employees, including individuals with special security responsibilities (s ...3 KB (442 words) - 18:58, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::*PCI.12.7: Screen potential employees to minimize the risk of attacks from internal sources. ...2 KB (312 words) - 18:19, 3 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Third party processors create unacceptable control risks to the Company.'' ...2 KB (321 words) - 15:35, 25 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Business requirements are not met or inadequately tested. Systems produce ...4 KB (594 words) - 19:50, 25 June 2006
- '''Risk Association Control Activities:''' ::'''1. Risk: Lapses in the continuity of application systems may prevent an organizatio ...4 KB (522 words) - 20:12, 25 June 2006
- ==Risk Association Control Activities:== ::'''1. Risk: Segregation of duties may be compromised and unauthorized activity may occ ...4 KB (591 words) - 19:45, 14 June 2007
- '''Risk Association Control Activities:'''<br> ...ot meet business, compliance and regulatory needs of the business inducing risk.'''<br> ...5 KB (674 words) - 18:14, 21 June 2006
- '''DS 2.3 Supplier Risk Management'''<br> ...l business standards in accordance with legal and regulatory requirements. Risk management should further consider non-disclosure agreements (NDA), escrow ...7 KB (958 words) - 16:01, 25 June 2006
- ...ot meet business, compliance and regulatory needs of the business inducing risk.'''<br> ...3 KB (385 words) - 16:14, 25 June 2006
- '''1. Risk: Controls provide reasonable assurance that the systems are appropriately t ...709 bytes (91 words) - 13:46, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Systems do not meet business needs because not all business functional and ...3 KB (446 words) - 16:36, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: IT function does not meet the organizational needs. ''' ...3 KB (456 words) - 17:15, 15 February 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security incidents and incompliance with information security procedures m ...2 KB (327 words) - 13:18, 4 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: New program developments and/or changes may be made that are unnecessary o ...2 KB (338 words) - 13:45, 6 March 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Operational failures may not be identified and resolved in an appropriate, ...2 KB (324 words) - 14:50, 4 May 2006
- '''PO 6.2 Enterprise IT Risk and Internal Control Framework'''<br> '''Risk Association Control Activities:'''<br> ...2 KB (331 words) - 18:47, 1 May 2006