Index
Title Copyright Contents
Part I: What is risk and why is it important?
Chapter 1: Risks and controls
Overview What is risk? Management of risk Risk identification and awareness Documenting risks Assessing and monitoring risk Categorisation Likelihood Impact Risk heat maps Controlling risk Summary
Chapter 2: Enterprise risk management (ERM) frameworks
Overview What is enterprise risk management? Strategic enterprise wide management process Identify potential risks Significant impact Manage them within the entity’s risk appetite Common ERM frameworks COSO The five components ISO31000 Sarbanes-Oxley Summary
Chapter 3: Risk management assurance and audit
Overview Three lines of defence First line of defence – Business unit staff and management Second line of defence – Governance, risk and compliance Third line of defence – Independent assurance from audit and the Board Segregation of duties between each line Internal vs external audit Other forms of IT assurance Case study Summary
Chapter 4: Information Risks and Frameworks
Overview What is information risk? COBIT 5 ISO frameworks CRAMM Summary and key take-aways
Part II: Introduction to General IT and Management Risks
Chapter 5: Overview of General IT and Management Risks
Overview Reviewing entity level controls in an IT context What are general IT controls? Case studies and examples of general IT controls Outsourced arrangements End user computing Bring your own devices (BYOD) Case studies and examples of outsourcing Reviewing general IT controls Summary
Chapter 6: Security and Data Privacy
Overview Risks Controls Examples of IT security controls ISO27001 Case study examples Documenting, assessing and testing security and confidentiality controls Summary
Chapter 7: System Development and Change Control
Introduction Project lifecycle overview Project lifecycle risks Project lifecycle controls Project lifecycle case study examples Project lifecycle documenting, assessing and testing controls Change management overview and risks Change management controls Change management case study examples Documenting, assessing and testing controls Summary
Chapter 8: Service Management and Disaster Planning
Introduction Service management overview Disaster planning Case study examples Summary
Part III: Introduction to Application Controls
Chapter 9: Overview of Application Controls (Integrity)
Introduction Risks Controls Case study examples Documenting, assessing and testing application controls Summary Further reading
Part IV: Life as an Information Risk Management Specialist
Chapter 10: Planning, Running and Reviewing Information Risk Management Assignments
Overview Stages of a review IRM assignment planning Conducting an IRM review Reviewing the audit review Ensuring action after the review Summary
Chapter 11: Personal Development and Qualifications
Overview Who are IRM auditors? Skills audit Qualifications available Professional and ethical standards Sources of employment A personal case study Summary
Further Reading and Resources
ITG Resources