Archive for the ‘IT Governance’ Category
Risk IT by ISACA, here we go with another standard!
Posted by admin | Filed under IT Governance, Operational Risks
Zurich, 23. December 2009. Global IT governance organisation ISACA has just launched a best practice framework to provide a further link between enterprise risk and IT risk management. “Risk IT” builds on COBIT 4.1 and is aimed at helping companies identify and manage IT-related business risks. The focus of “Risk IT” is essentially on the [...]
Exponential rise of ISO 27005
Posted by admin | Filed under IT Governance
Zurich, 20. December 2009. The MinimaRisk research division is observing an overall increase of interest in ISO 27005 Risk Management, the new IT risk management spin-off standard of ISO 27001.
ISO 27005 IT Risk Management provides guidelines for information security risk management. It supports the general concepts specified in ISO/IEC 27001 and it is designed [...]
Risk Management and CobIT 4.1
Posted by admin | Filed under IT Governance
Zurich, 14. December 2009. The best practice Control Objectives for Information Technology (CobIT) 4.1 defines the main focuses of IT Governance. There is no order of importance, but strategic alignment, value delivery, resource management, performance management and risk management are all quintessential elements of steering a modern IT department toward sustainability and profitability. Especially Risk [...]
Cisco Nightmare Formula
Posted by admin | Filed under IT Governance, Operational Risks
Zurich, 8. December 2009. The specialized IT magazine InformationWeek reports the latest observations contained in Cisco’s 2009 Annual Security Report. Bad passwords, inconsistent patching, excessive information sharing, and outdated antivirus software are key ingredients in what Cisco calls a security “nightmare formula.” Expect trouble ahead.
New COO of MinimaRisk France Appointed
Posted by admin | Filed under IT Governance
Geneva, 1. September 2009. Philippe Mialet has been appointed, as of today, Chief Operation Officer for MinimaRisk activities outside Switzerland, devoted to the French-speaking countries. Philippe joins the MinimaRisk team, bringing profound expertise in operational risk management of activities in third-world countries. His know-how will be mostly useful in implementing and customizing [...]
Internal Controls
Posted by admin | Filed under IT Governance, Risk Culture
Lausanne, 31. August 2009. One of the most important duties for modern audit and risk managers is to foster company-wide utilization of best practice business processes and internal controls. However, in widespread organizations it remains difficult to find the appropriate internal control. MinimaRisk has integrated into its tool all the relevant and necessary internal controls of [...]
Highlight: AS/NZS 4360:2004 Risk Management Standard
Posted by admin | Filed under IT Governance
Zurich, 26. August 2009. The Australian/New Zealand Risk Management Standard provides a generic guide for managing enterprise risks. This Standard, probably the most referenced best practice and standard within Risk Management, may be applied to a very wide range of activities, decisions or operations of any public, private or community enterprise, group or individual. … [...]
ISO 38500 and CobIT - which IT governance standard?
Posted by admin | Filed under IT Governance
The ISO/IEC 38500:2008 Corporate governance of information technology standard provides a framework for effective governance of IT to assist those at the highest level of organizations to understand and fulfill their legal, regulatory, and ethical obligations in respect of their organizations’ use of IT. To wonder what is the real impact of this standard, compared [...]






