From the course: ISACA Certified Information System Manager (CISM) Cert Prep


Risk action plan

- [Instructor] Now, in this next section, we know that our goal is going to be to mitigate risk, to reduce risk to the degree that's acceptable. But we have to have a plan, right? And that's exactly what the risk action plan is going to give us. So we, in our roles as risk practitioners, you're going to be somebody that is going to inform, that's going to assess, that's going to make recommendations. But remember, the decision making is the responsibility of the risk owner. And in the business world, the risk owner is usually going to be the individual lines of business. So the various department heads, those are the folks that own the asset, they own the data, therefore they're the ones that own the risk. Now again, that's just general. It's not written in stone. But that's generally how that's going to be. So our job is going to be to provide consultation, to make recommendations. Keep that in mind. On the test, I would expect to see…
