Organizations must integrate technology risk much more aggressively into enterprise risk management (ERM) if they want to reduce future loss and improve business performance, according to ISACA.
Mismanaging IT risk can reduce business value, create financial loss, damage corporate reputation and overlook promising new opportunities. According to a study by the Project Management Institute, every billion dollars that an enterprise spends represents $135 million in risk.
ISACA's COBIT 5 for Risk, developed by a global committee of risk professionals, provides a detailed guide to governing and managing IT risk in the face of todayís unpredictable threats.
he publication, which replaces the former Risk IT framework, also includes guidance on how COBIT 5 supports risk management and governance and how to set up and maintain an effective and efficient risk function based on COBITís seven enablers:
- Principles, policies and frameworks
- Organizational structures
- Culture, ethics and behavior
- Services, infrastructure and applications
- People, skills and competencies.