It was my honor and privilege to present last week at the ISACA Winnipeg chapter in Canada where winter has already arrived with a vengeance.  The topic for my session was "Establishing Effective ERM of IT: Implementation and Operational Issues of the New ‘Risk IT Framework", a session that is in great demand globally, now being delivered in India, Europe and North America.

Effective management of risk is receiving growing attention from executive management, risk managers and regulators to indentify and correctly manage risk in the operational environment.  This pressure requires the implementation of an effective risk management process that allow for the acceptance or mitigation of risk based on the business appetite.   IT risk can be defined as the business risk associated with the use, ownership, operation, involvement, influence and adoption of IT within an enterprise.  IT risk consists of IT-related events that could potentially impact the business.  Now the issue is not identification of risk, IT is typically very good at that, its how IT effectively handles the risk based of the business posture and appetite.

ISACA recently delivered the RISK IT Framework to assist IT in effectively identifying risk and how to develop processes to accept or mitigate risk. When leveraged in conjunction with the COBIT^® Framework which provides the generally accepted control framework, the RISK IT Framework** delivers an effective enterprise risk management solution.  Based on practitioner feedback, ISACA recently released a new publication; the Risk IT Practitioner Guide** which details practical use of the framework for business value.  (Also available is a toolkit to assist with the implementation).

So the session which i delivered in Winnipeg detailed how to how to establish effective enterprise risk management IT including implementation and operational issues leveraging using ISACA's new ‘Risk IT Practitioner Guide'.

So back to my session at the ISACA Winnipeg Chapter and risk. For those who know me well you would recall that I love winter (may come from have a childhood deprived of seasons other than summer and more summer) and so I gladly accepted the risk of snow, cold weather and potential flight delays to deliver the speech in Winnipeg in the Thanksgiving period.  I made the decision based assessing the risks or weather, air travel congestion and my review of the weather forecast.  Based on the feedback of the session and the beautiful Winnipeg winters day I took the correct decision in accepting the risk.

Yes, risk is part of everyday life, embrace it and opportunity will be a frequent visitor.

** The ISACA RiskIT Framework and The ISACA RiskIT Practitioner Guide and toolkit are available to ISACA members as a complimentary PDF download.