New report helps organisations bridge the digital risk gap

New report helps organisations bridge the digital risk gap | Insurance Business

New report helps organisations bridge the digital risk gap

The Risk Management Society (RIMS) and Information Systems Audit and Control Association (ISACA) have released a report that aims to help organizations bridge the digital risk gap.

The “Bridging the Digital Risk Gap” report highlights how new regulatory requirements, a changing digital risk landscape, and commonalities between IT and risk management can prompt the alignment of the two and therefore produce significant benefits.

Moreover, it highlights how ISACA’s Risk IT Framework could integrate both IT and risk management and shows how risk management can be incorporated into the technology lifecycle.

“When enterprises examine the evolving risk environment and the benefits that can come from integrating risk management and IT, it becomes very clear that this collaboration is important to the overall business-risk portfolio,” said Paul W. Phillips, III, CISA, CISM, technical research manager at ISACA and a contributing author to the report.

“This kind of strategic coordination can bring many positive outcomes, including better incident response and improved information protection.”

The report also featured RIMS’ Enterprise IT Risk Management Responsibility Assignment Matrix that helps organizations visualize roles within the IT ecosystem and the cross-functional expertise required.

It also includes a map for ISACA’s Risk IT Framework and the RIMS Maturity Model (RMM) meant to emphasize the alignment between each domain in the framework and the seven attributes of the RMM.

“Collaboration between IT and risk management professionals facilitates strategic alignment of resources and promotes the creation of value across an enterprise. Understanding one another’s world is the first step for building a constructive and a symbiotic relationship,” said Carol Fox, RIMS VP of strategic initiatives and contributor.

“In doing so, IT and risk management professionals can leverage their knowledge and resources to better inform decision makers on how business strategies and objectives can benefit from IT capabilities, and spur investment in new technology.”