How to perform an Information Technology Risk Assessment?



Risk assessment is the initial step in a risk management program; a company must have such a program to manage uncertainty in business competition. The question that arises, however, is how to perform a correct IT risk assessment that has an impact on business performance, rather than one that serves only as part of internal audit services.

Recently, The Institute of Internal Auditors released guidance on how to perform an IT risk assessment. The assessment method comprises the following five steps:
The Guide to the Assessment of IT Risk (GAIT) Methodology
1. Identify the critical IT functionality
2. Identify the significant applications where ITGCs need to be tested
3. Identify ITGC process risk and related control objectives
4. Identify the key ITGCs to test that meet the control objectives
5. Perform a reasonable person review

The detailed Guide to the Assessment of IT Risk (GAIT) can be downloaded here

