From the course: CISA Cert Prep: 2 Information Technology Governance and Management for IS Auditors


Dealing with risk


- [Instructor] So, we've gone through our process, we've done the planning and figured out who's going to be on the team and which assets are involved, what the scope is. We spent all that time in the collection phase, doing all the grunt work, pulling the information. Then, we take our findings and our recommendations, and we present it to management. And management makes the decision of how to handle that risk, and there's four different things they can do. They can reduce or mitigate the risk, by putting some kind of control or countermeasure in place, like a firewall or some shutters for the hurricane, or a fire suppression system, or a smoke detector for the fires, etc., etc. Some kind of control you put in place to either reduce the likelihood of something bad happening, or the impact, or the pain that you would endure if that bad thing were to happen, or both. That's what a control does, it reduces either the likelihood or the impact, or both at the same time, and you put that…
