The flashcards below were created by user
on FreezingBlue Flashcards.
Regarding technology risk, what is strategic risk?
The risk of choosing inappropriate technology.
Regarding technology risk, what is operating risk?
The risk of doing the right things in the wrong way. Ex=the payroll manager runs a weekly report after the HR manager enters new employees. But, the payroll manager runs the report too early.
Regarding technology risk, what is financial risk?
Having financial resources lost (such as due to natural disaster), wasted or stolen
Regarding technology risk, what is information risk?
Risk of loss of data integrity, incomplete transactions, hackers
According to ISACA, what is the IT benefit/value enablement risk.
You had a chance to use IT for the benefit of the entity and you missed it.
According to ISACA, what is the program and project delivery risk?
You use IT for the benefit of the entity, but the benefit isn't what you had hoped.
According to ISACA, what is the IT operating and service delivery risk?
If anything could go wrong with the IT you are using, it does.
What are the 6 steps to IT risk assessment?
- (1) identify potential threats
- (2) determine the probability that the threat will occur
- (3) determine the loss that would occur if the threat happened
- (4) identify the control that could prevent the threat
- (5) determine the cost vs benefit of the control
- (6) implement the control and monitor for effectiveness
What is the purpose of an IT validation test?
To ensure the software does what it was intended to do.