Home / Resources / IT Risk

IT Risk

Get a great read and clearer understanding of IT Risk.

ISACA’s expert guidance gives professionals and enterprises the tools, techniques and understanding to manage IT Risk.

Risk IT Framework


The Risk IT Framework fills the gap between generic risk management concepts and detailed IT risk management. It provides an end-to-end, comprehensive view of risks related to the use of IT and a similarly thorough treatment of risk management, from the tone and culture at the top, to operational issues. In summary, the framework will enable enterprises to understand and manage significant IT risk types, building upon the existing risk related components within the current ISACA frameworks.

Learn More

Risk IT Practitioner Guide


The Risk IT Practitioner Guide provides practical guidance for risk professionals. The guide includes a large variety of practical risk management techniques that can be implemented immediately.

Learn More

Virtual Learning

Advance your expertise.

Add to your career potential or enterprise skillset with training developed and delivered by the experts in IT Risk.

Featured IT Risk Trainings

IT Risk Management Essentials

ISACA’s new introductory-level IT Risk video, is a high production quality instructional video featuring with practical guidance and visual support aids. The video content focuses on IT Risk Management essentials, best practices and basics of performing an IT Risk assessment.

Get Started Today

(CRISC) Certified in Risk and Information Systems Control®


ISACA’s Certified in Risk and Information Systems Control (CRISC) certification indicates expertise in identifying and managing enterprise IT risk and implementing and maintaining information systems controls. Gain instant recognition and credibility with CRISC and boost your career.

Get Started Today

2020 Governance Risk and Control Virtual Conference

GRC 2020 Virtual

17–19 August 2020

ISACA and The IIA are pleased to once again collaborate to bring you the 2020 Governance, Risk, and Control (GRC) Virtual Conference. Join more than 1,000 governance, risk, and control professionals from 25+ countries at the event that draws together the best and brightest minds to embrace challenges, forge solutions, and define the future of global GRC.

Learn More  

EuroCACS Conference 2020 (Computer, Audit, Control & Security)

28 – 30 October 2020 | Helsinki, Finland

EuroCACS sessions are for professionals at any point in their career, with three learning levels, hands on labs, technical & soft skill training, lectures, panel discussions and more, there is something for everyone at EuroCACS 2020. Earn up to 32 CPEs.

Learn More

IT Risk Resources

Risk Resources.

When you want guidance, insight, tools and more, you’ll find them in the resources ISACA offers.

Getting Started With Risk Management

Our FREE white paper, Getting Started With Risk Management, explores the careful balance that must be achieved while addressing any unique factors that may exist in your organization. In formulating a business strategy, the enterprise may decide to accept some level of risk in exchange for pursuing business goals and objectives. This paper discusses various options and considerations.

Learn More

Conducting an IT Security Risk Assessment

Raise your ability to reduce enterprise risk. Learn why it is important conduct an effective IT security risk assessment in our new white paper: Conducting an IT Security Risk Assessment. Download it today for FREE.

Learn More

Bridging the Digital Risk Gap

To help improve communication and effectiveness between Risk management and IT professionals, ISACA and RIMS have partnered on a FREE white paper, Bridging the Digital Risk Gap, which outlines best practices for integrating these professionals into an overall digital strategy team to create value and counterbalance unwanted risks and outcomes.

Learn More

Supply Chain Resilience and Continuity

white paper

With each major disaster we confront—including the current pandemic—business continuity management must continue to evolve. Learn how in the new free white paper: Supply Chain Resilience and Continuity: Closing Gaps Exposed in a Global Pandemic.

Learn More

The CMMI Cybermaturity Platform

The CMMI Cybermaturity Platform features custom risk profiling, assessments, gap analyses, and roadmap functions, and is in use across multiple sectors including financial services, healthcare and manufacturing. It addresses industry concerns and organizational challenges, including confidence in cybersecurity initiatives and prioritizing security programs. The platform gives businesses real-time knowledge of best cybersecurity practices, so organizations can make evidence-based decisions on how to improve cybersecurity programs.

Learn More

View Risk Management Publications and Resources

Gain additional insight and guidance on leveraging the IT Risk framework to create and maintain the most effective techniques and understanding to manage IT Risk.