Risk management framework

It was with some alarm that I sat down to read my favourite read, ISACA’s monthly IS Control Journal, to discover that ISACA/ITGI is producing another framework to go with the COBIT framework (and it is a framework, I don’t care what anyone else says), and the VAL IT framework:  the IT Risk Management Framework.

I was a little concerned that perhaps it might be one framework too many.

However, it does make sense to create such a beast when you consider that, as I am fond of telling the students I am lecturing (no doubt much to their disgust, terror and ennui), the only two things that matter are what value you can get for what risk. 

Anyway, you can check out the new risk management framework on ITGI’s website, where it will b released as it becomes available.  It’s mentioned in the latest Information Systems Control Journal, in an article by Urs Fischer, and in this relatively recent update to the COBIT vision and strategy.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.