The Emergence Of Risk Based Approaches

1686 WordsMay 10, 20167 Pages
Ch. 3.1 Emergence of Risk-Based Approaches Risk assessment is increasingly conducted by many groups within an organization to fulfil a variety of business and regulatory requirements. Various groups within the same organization often rely on guidance from different professional organizations to provide a framework for conducting the risk assessment. As financial organizations offer disparate approaches to risk assessment, they contribute to risk information. In this context, information systems and/or information technology risk assessment plays an entirely exceptional role in each organization. In risk emergence approach need to take care of: 1. IT integrates all different functional areas within an organization and thus it has a potential to integrate the risk assessment activities as well as operational risk. 2. IT deals with data/information processing and as such by managing IT risk we reduce the likelihood of “low quality” information. At the same time, improve the quality of business processes, as information is the core part of each business process. Based on the assumptions conclude that there is no need to make a difference between business risk and IT risk. According to ITGI (2009), IT risk is business risk – specifically, the business risk associated with the use, ownership, operation, involvement, influence and adoption of IT within an enterprise. The business value and IT risk are two sides of the same coin and risk is inherent to all enterprises. So there
Open Document