2023 IT Examiner School
Internal Use Only
Risk Appetite
Risk appetite is the amount of risk, on a broad level, an organization is willing to accept in pursuit of its mission.
How much risk is an organization willing to accept to achieve its objectives?
Risk appetite is not just a part of risk and risk management discussions, it is a key component in strategic planning and day-to-day decision making.
Internal Use Only
Cycle of IT Governance
Test and Update: • Policies • Procedures • Controls
Identify and prioritize gaps: • Policies • Procedures • Controls
Risk Assessment: • Assets • Threats • Vulnerabilities • Mitigating controls
Made with FlippingBook - Share PDF online