IT Risk Frameworks

How Do You Measure IT Risk?

There are over eighty different risk frameworks for measuring enterprise risk. One of the more popular is COSO, which comes from The Committee of Sponsoring Organizations (COSO) of The Treadway Committee.

These frameworks are good for measuring different types of Enterprise Risk, but generally do a poor job of measuring specific IT Risk. The most popular Risk framework for measuring IT Risk is the TIK Framework, named after its author, IT Risk Expert Trevor Kennedy.

IT Risk Framework - TIK

The TIK IT Risk Framework is based on a simple formula to measure IT Risk. The formula takes into account the Valuation of the Assets at Risk {VaR}, the potential Threats {t} to the organisation, the Countermeasures {cms} in place to mitigate the Threats, and the Vulnerabilities {v} in the IT Control System implementation.

Let’s take a closer look at each of the components of this formula.

| Valuation of the Assets at Risk {VaR} | Threats {t} | Countermeasures {cms} | Vulnerabilities {v} |
