O'Reilly logo

IT Auditing: Using Controls to Protect Information Assets by Kevin Wheeler, Mike Schiller, Chris Davis

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CHAPTER 18Risk Management

Only a few years ago, firewalls and antivirus software were all that most organizations used to mitigate IT risk. In recent years, however, the threat landscape has changed considerably. Today, the insider threat is more pronounced, thousands of variants of malware are being distributed, and governments have enacted legislation requiring the implementation of myriad controls. As a result, a formal risk management process now should be a part of every IT audit program.

Today’s million dollar question is this: What is a formal risk management program? In this chapter we’ll explore the risk-analysis process, risk management life cycle, and methods for identifying and addressing risk effectively. At the end of this chapter ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required