Executive's Guide to IT Governance: Improving Systems Processes with Service Management, COBIT, and ITIL

by Robert R. Moeller
February 2013
Content level: Intermediate to advanced
395 pages
13h 56m
English
Wiley

CHAPTER EIGHT

IT Governance Issues: Risk Management, COSO ERM, and OCEG Guidance

Risk management is an insurance-related concept where an individual or an enterprise will envision some type of threat, such as the danger of a residential fire or theft, and then will take actions to provide protections in the event that threat occurs. The most common risk protection approach is to purchase insurance from a commercial outside vendor or install protection mechanisms to provide some protection over the risks, using a risk-based approach to decide what type and how much insurance to purchase or what protection to install. Key decision factors here are the extent of perceived risks or other threats and the insurance and protective device costs to cover those risks.

Although individuals often think of risks and insurance protection in terms of the threat of fires, natural disasters, or theft, an enterprise needs to consider risks on a much broader level, which can include such things as the failure of a new business venture, malicious litigation because of a product failure, or unexpected economic bad turns. An enterprise cannot just easily buy insurance, in a cost-effective manner, to cover those other risks. Rather, an enterprise needs to implement other processes to provide protection from these many and varied business risks. An enterprise’s IT resources are often a major area, where the physical destruction of their IT equipment, a disruption in network connections, or the theft ...


ISBN: 9781118238936