Design Factors: Risk Profile and IT Related Issues

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Time
3 hours 43 minutes
Difficulty
Intermediate
CEU/CPE
4
Video Transcription
00:00
Let's talk about the design factors of risk profile and I T related issues,
00:07
so we're going to cover risk profile and it related issues as design factors.
00:13
Another design factor in the co bit framework is the risk profile of the organization.
00:19
The risk profile addresses the current issues and risks as it relates toe I t. Resource Is and the I T architectures.
00:26
The risk profile will identify i t related risks to which the organization is subjected. Thio
00:33
thes risks should align with the organization's risk appetite,
00:37
and it should not exceed that.
00:39
If an organization in a highly regulated industry has a lower risk appetite,
00:44
meaning it's not willing to take on, ah, high risk that could result in severe penalties and even jail time.
00:51
The risks that the enterprise currently face should not exceed its risk appetite.
00:56
Thus, those risks need to be identified and mitigated.
01:00
This is an important part of the design factor. When creating a governance system to manage i t resource is
01:07
risks and in organizations, risk appetite will play a huge part in the design.
01:14
Examples of risks include hardware and software failures.
01:18
This affects the availability and sometimes the integrity of vital information that the company and I T resource is rely upon.
01:26
Thus, this is a risk that some organizations may not be willing to take on.
01:30
If your company works with real time data and any failures in service,
01:34
that could cause a loss of customers and revenue. And this is a big risk.
01:40
Non compliance is another example of a risk that should be identified
01:45
as we mentioned earlier. Non compliance may be a huge risk that can exceed the organization's risk appetite.
01:51
Thus the risk needs to be identified and included in the risk profile and design of the overarching government system.
02:00
Acts of nature such as hurricanes, earthquakes they can affect your I T re sources and information.
02:07
This risk may need to be addressed in the form of disaster recovery plans and business continuity plans.
02:15
Unauthorized incidents in which information is breached or altered could be another example of a risk.
02:22
Identify whether this risk exceeds your risk appetite and identify whether or not this is a risk to your organization is subjected thio.
02:30
These examples should get you thinking about the risks that organizations can face and how a risk profile is unnecessary design factor within your system.
02:39
Have any of thes aforementioned risks affected your business?
02:50
I t related issues air somewhat related to the risk profile,
02:53
but a design factor in and of itself
02:57
i t risk assessments are a way to determine what risks your I T infrastructure faces.
03:02
Consider which I t related risk are currently being experienced by your organization.
03:08
This design factor gives you a way to determine which I t related. Risk issues have materialized within your enterprise.
03:17
Examples of I T related risks can be service delivery problems from your I T vendor.
03:23
Is it causing the loss of time and resource is within your company?
03:27
Is this a risk that is experienced often and causing I T related issues
03:31
include this in your design for a governance program.
03:36
Another example could be the failure of i t to meet regulatory or contractual requirements.
03:42
Non compliance with laws and regulations and SLS can create not only financial loss but other penalties like jail time or cause detriment to your businesses reputation.
03:53
This is an I T specific related risk
03:58
audit findings that detect poor I t. Performance is another common issue that organizations face
04:03
poor I t performance is definitely an I T related issue and should be addressed in a nightie governance system.
04:11
The excessively high cost of I t. Is another example of a nightie related risk that I t re sources are not aligning and supporting the overall business goals and strategies.
04:21
Have any of these it related risks affected your organization.
04:29
So in this video, we talked about risk profile and I t related issues as design factors.
Up Next