Indice del documento

• Preface

1. Executive Summary
• Scope and Purpose
• How to Read This Document
2. Governance, Risk Management and Compliance:
• Top Business Priorities
3. Evolving Regulatory Landscape
4. The Basel II Approach to Managing Risk
5. The Need to Manage Operational Risk
• Risk Management Approaches
• Framework for Operational Risk Management
• COSO Components
• Operational Risk Principles and IT Relevance
6. Managing Information Risks
• IT Guiding Principles
• Causes of Loss and IT Risk
• IT Risk Scenario Analysis
7. Business Processes to IT Risks to IT Controls:
• Applying the COBIT Framework
• Use of Existing Documentation
• The Business Line Approach in Basel II
• Defining IT Risk
• Defining IT Controls
8. Use of Key IT Risk Indicators

• Appendix I—Basel II Summary
• Appendix II—High-level Alignment of COSO ERM and Basel II
• Appendix III—High-level Alignment of Basel II Principle 1: 
• The Second Pillar—Supervisory Review Process (June 2006) and COSO ERM—Integrated Framework (September 2004)
• Appendix IV—The Dependence of the COSO ERM Framework on Data Quality
• Appendix V—Basel II and COBIT
• Appendix VI—COBIT Processes
• Appendix VII—ABC Bank: A Worked Example
• Appendix VIII—References