IT Risk Mitigation

With the new opportunities that IT can create, there are risks and threats that must be addressed.

1. What are the major risks to the organization when implementing and using IT?

2. To what degree are IT security risks and business risks interrelated?

3. What disadvantages might a business encounter from a "locked-down" IT environment, and how can these be balanced against the disadvantages of a security breach?

There are a few major types of risk that are relevant to the organization when implementing and using IT. The two main classifications of IT risk are internal risks and external risks. Management needs to ensure that the IT systems are properly protected, with the appropriate internal controls in place, to protect against internal risks. External controls also need to be in place to guard against external risks to IT. From an internal standpoint, there is an inherent risk that management controls will be overridden and abused in an attempt to commit fraud. This is the main reason why external audits, which are conducted annually, have implemented a specific segment where the auditor examines the controls in place over IT. There is also a risk that systems will be overridden from an external source, and that data, including sensitive customer data and/or proprietary data, can become compromised.

IT risks also exist with financial reporting information. While this is also an internal control issue, there has to be continual monitoring of the IT system to ensure that all transactions and data are being reported in a timely and accurate manner. IT process management also faces a 24/7 risk that involves the viability of the IT system. Systems fail, errors ...

