How to effectively manage information risk

IT failure (whether crashes, security vulnerabilities, or project failure), the consequences could be very serious.

According to the





for business executives, understand IT related risk is still difficult challenge, after all, many experts are not in charge of the technical aspects of the. Less technical background, how to improve enterprise management risk management, to ensure that the company’s strategic objectives can be achieved, without the risk of IT drag.

ITGI recently published "information risk: who should be responsible?" Provide the following recommendations:





The board of directors of the audit committee of



IT control appears weakness must be immediately get the attention of supervisor. After the approval of the new head of the IT proposal, should grasp the risk and profit, identified in the proposed strategic plan, the two clearly into account. Supervisors also need to do risk assessment on a regular basis, put out an action plan to solve the risks.

At the end of operation (

is the actual person used IT service) must take operation related risks, including the risks related to the use of IT and. IT service providers should provide consultation, cooperation and business management, determine the safety measures for you.


Leave a Reply

Your email address will not be published. Required fields are marked *