Indice del documento

• Preface

1. Executive Summary
• Scope and Purpose
• How to Read This Document
2. Governance, Risk Management and Compliance Are Top Business Priorities
3. Evolving Regulatory Landscape
4. Basel II—The New Approach to Managing Risk
• The New Approach to Managing Risk
5. The Need to Manage Operational Risk
• Risk Management Approaches
• Framework for Operational Risk Management
• Operational Risk Principles and IT Relevance
6. Managing IT Risk
• Guiding IT Principles
• ITGP1 [Operational Risk Awareness]
• ITGP2 [Internal Audit Requirement]
• ITGP3 [Management Policies, Processes, Procedures]
• ITGP4 [Risk Assessment]
• ITGP5 [Risk and Loss Monitoring]
• ITGP6 [Control and Mitigation Policies, Processes, Procedures]
• ITGP7 [Business Continuity Management]
• ITGP8 [Framework for Risk Control and Mitigation]
• ITGP9 [Independent Evaluation]
• ITGP10 [Disclosure]
• Causes of Loss and IT Risk
• IT Risk Scenario Analysis
7. Setting Ground Rules for IT Risk Management
• Developing an Appropriate Risk Management Environment
• Risk Management: Identification, Assessment, Monitoring, and Mitigation/Control
• Role of Supervisors
• Role of Disclosure
8. Applying the COBIT Framework: From Business Processes to IT Risks to IT Controls .........43
• The Business Line Approach in Basel II
• Defining IT Risk Using COBIT
• Process Level Controls
• IT General Controls
• Entity Level Controls
9. Use of Key IT Risk Indicators

• Appendix I—Basel II Sury
• Appendix II—High-level Alignment of COSO ERM and Basel II
• Appendix III—High-level Alignment of Basel II Principle 1—The 2nd Pillar—Supervisory
• Review Process (June 2006) and COSO Enterprise Risk Management—Integrated
• Framework (September 2004)
• Appendix IV—Table of COBIT Processes Relevant for Basel II

Chi è Agatino Grillo?

IsacaRoma Newsletter link