IT Risk Management - WHAT is it?
IT Risk Management is the practice of identifying risks to your systems and data assets and implementing measures and policies to reduce them to an acceptable level. Integral to ‘internal control’, it is the cornerstone of good IT governance.
WHEN do I need it?
IT risks assessments will need to be carried out annually to comply with the requirements of regulators. This, however, is the base position. In more progressive organizations, ‘real-time’ assessments, using technology that reveals the current level of risk at the push of a button, are becoming common.