WS1IT Risk presented at EuroCACSISRM 2012

by Urs Fischer,

Summary : This workshop presents the principles and application of information risk management as it relates to information security. It offers a structured risk register and a method for assessing control effectiveness. Attendees will learn the link between business and IT risk, and how risk is managed by the use of suitable controls. Content will dive into the difference between embedded monitors and early warning indicators and how the effectiveness of an individual control, or group of controls, can be measured. Leave with the knowledge and skills to effectively assess your organisations risk appetite and tolerance; improve risk awareness and communication; evaluate risk scenarios; and determine your risk response.
After completing this workshop, you will be able to:
Apply key deliverables necessary to develop and maintain an effective risk management programme following the Risk IT Framework
Explain how the new Risk IT Framework relates to COBIT
Evaluate implementation and operational issues
Integrate IT risk management with ERM
Audit/Evaluate the risk management programme