Rolling Meadows, IL, USA (8 December 2009)—ISACA today announced the release of Risk IT: Based on COBIT®, the first global IT-related risk framework to provide a comprehensive view of the business risks associated with IT initiatives. Risk IT builds on ISACA’s globally recognized COBIT framework for IT governance to provide a missing link between conventional enterprise risk management and IT risk management and control.
Enterprises achieve return by taking risks, but sometimes they try to eliminate the very risks that drive profit. Available as a free download at www.isaca.org/riskit, Risk IT is designed to help enterprises increase their return on opportunities by managing risks more effectively, rather than trying to eliminate them completely.
ISACA, a nonprofit association of 86,000 information technology (IT) professionals, developed Risk IT in response to member and industry demand. The framework and its supporting documentation are the result of thousands of hours of work from a team of IT and business experts and 60 expert reviewers spanning North America, Europe, the Middle East, Africa and Asia Pacific.
“Risk IT saves time, cost and effort by providing a clear method to focus on IT-related business risks such as late project delivery, compliance, misalignment, obsolete IT architecture and IT service delivery problems,” said Urs Fischer, CISA, CPA (Swiss), CIA, a developer of Risk IT. “Risk IT provides the guidance to help executives and management ask the key questions, make better risk-adjusted decisions and guide their enterprises so that risk is managed more effectively.”
Risk IT provides a single, comprehensive view of IT-related business risks, which can cost companies millions annually in lost revenues and opportunities.
“Risk and value are two sides of the same coin. Risk is inherent to all enterprises, but a balance must be struck that avoids value destruction and ensures that opportunities for value creation are not missed,” said Risk IT developer Brian Barnier, CGEIT. “Risk IT helps all levels of management manage risk for the greatest benefit and helps detect warning signs earlier.”
Risk IT complements and extends COBIT and Val IT, but also is highly effective as standalone guidance. A key aspect is that all enterprises using IT, whether one-person shops or multinational conglomerates, can benefit from Risk IT. It can also be customized for any type of enterprise in any geographic location.
The Risk IT Framework is available as a free download. Print versions can be purchased at www.isaca.org/bookstore.
With more than 86,000 constituents in more than 160 countries, ISACA® (www.isaca.org) is a leading global provider of knowledge, certifications, community, advocacy and education on information systems assurance and security, enterprise governance of IT, and IT-related risk and compliance. Founded in 1969, ISACA sponsors international conferences, publishes the ISACA® Journal, and develops international information systems auditing and control standards. It also administers the globally respected Certified Information Systems Auditor™ (CISA®), Certified Information Security Manager® (CISM®) and Certified in the Governance of Enterprise IT® (CGEIT®) designations.
ISACA developed and continually updates the COBIT®, Val IT™ and Risk IT frameworks, which help IT professionals and enterprise leaders fulfill their IT governance responsibilities and deliver value to the business.