How to perform an Information Technology Risk Assessment?

Risk assessment is an initial step in a risk management program; a company must have a program to manage uncertainty in business competition. However, the question that may arise is how to perform a correct IT risk assessment that can have an impact on business performance, not only as part of internal audit services.
Recently, The Institute of Internal Auditors released guidance on how to perform an IT risk assessment. Basically, the assessment method includes these five steps of identification:
The Guide to the Assessment of IT Risk (GAIT) Methodology
1. Identify the critical IT functionality
2. Identify the significant applications where ITGCs need to be tested
3. Identify ITGC process risk and related control objectives
4. Identify the key ITGCs to test that meet the control objectives
5. Perform a reasonable person review
The detailed Guide to the Assessment of IT Risk (GAIT) can be downloaded here.
How to perform an Information Technology Risk Assessment?
Hi,
About our company's information technology risk assessment, business continuity and disaster recovery software
You can contact us for more information and to buy your product.
info@3myazilim.com
www.3myazilim.com
BS25999, COBIT, ISO27001 etc. consulting and software.
IT Risk Assessment Templates: this template is created using the NIST SP 800-30 standard, Risk Management Guide for Information Technology Systems.
Covering some basic processes during IT Risk Assessment that include: System Characterization, Threat Identification, Vulnerability Identification, Control Analysis, Likelihood Determination, Impact Analysis, Risk Determination, Control Recommendations, Results Documentation, Business continuity, Disaster recovery, Business impact analysis