
New report looks at the value of aligning risk management and information security

IT and risk management professionals must speak the same language to more effectively incorporate the benefits and uncertainties associated with data and technology into their organizations’ overall strategy and to add value, according to a newly published white paper from ISACA and RIMS.

‘Bridging the Digital Risk Gap: How Collaboration Between IT and Risk Management Can Enhance Value Creation’ outlines how the changing digital risk landscape, new regulatory requirements, and greater understanding of commonalities between IT and risk management make a strong case for aligning the two in order to realize significant benefits.

Additionally, the report highlights ISACA’s Risk IT Framework and how it integrates both IT and risk management, and demonstrates how risk management can be incorporated into the technology life cycle. The resource also points out how IT and risk management professionals can integrate the frameworks that each uses (including the US National Institute of Standards and Technology (NIST) Cybersecurity Framework and the risk process from the American National Standards Institute (ANSI) risk assessment standard RA.1), as well as integrate roles and methods of assessment.

“When enterprises examine the evolving risk environment and the benefits that can come from integrating risk management and IT, it becomes very clear that this collaboration is important to the overall business-risk portfolio,” said Paul W. Phillips, III, CISA, CISM, technical research manager at ISACA and a contributing author to the white paper. “This kind of strategic coordination can bring many positive outcomes, including better incident response and improved information protection.”

The report also includes RIMS’ Enterprise IT Risk Management Responsibility Assignment Matrix that shows organizations how they can visualize the roles within the IT ecosystem and the cross-functional expertise required, as well as a map for ISACA’s Risk IT Framework and the RIMS Maturity Model (RMM). The map emphasizes the alignment between each domain in ISACA’s Risk IT Framework and the seven attributes of the RMM.

Read the white paper.
