4Matt Technology

COBIT 2019: Risk Management (APO12)

Managed Risk

Continuously identify, assess and mitigate I&T-related risks within the tolerance levels established by the company's executive management.


Integrate I&T-related enterprise risk management with overall enterprise risk management (ERM) and balance the costs and benefits of I&T-related enterprise risk management.

management practices

APO12.01 Collect data.

Identify and collect relevant data to enable effective identification, analysis and reporting of I&T-related risks.

APO12.02 Analyze risk.

Develop an informed view of real I&T risk in support of risk decisions.

APO12.03 Maintain a risk profile.

Maintain an inventory of known risks and risk attributes, including expected frequency, potential impact, and responses. Document related resources, capabilities, and current control activities related to risk items.

APO12.04 Articulated risk.

Communicate information on the current status of I&T-related exposures and opportunities in a timely manner to all stakeholders necessary for an appropriate response.

APO12.05 Define a portfolio of risk management actions.

Manage opportunities to reduce risk to an acceptable level as a portfolio.

APO12.06 Respond to risk.

Respond in a timely manner to materialized risk events with effective measures to limit the magnitude of loss.

Cobit 2019 4Matt Tecnologia


BURM enterprise risk management

The planning and implementation of processes and procedures throughout the organization to manage risks to the success or integrity of the business, especially those arising from the use of information technology, reduced or unavailability of energy supply, or improper disposal of materials, hardware or Dice.

INAS information guarantee

The protection of the integrity, availability, authenticity, non-repudiation and confidentiality of information and data stored and in transit. Managing risk in a pragmatic and economical way to ensure the trust of interested parties.

Translated by 4Matt Technology from the original Process Symphony: Risk Management-APO12 (COBIT2019)

Tags: ServiceNow, Snow Software, Software Asset Management, Software Asset Management, SAM, FINOps, ITAM, ITSM, Flexera, Cloud Management governance framework, design factors, contact us, governance structures, it governance, online course , design guide, governance objective, cobit certification, corporate governance, it business, leave a comment, cobit exam, it management, information governance, free materials, isaca launched, cobit framework, cobit benefits, decision making, developed by isaca, certificate programs, designed to evolve, best practices, capacity levels, microsoft power, information management, control objectives, social networks, foundation bridge, brazilian companies, IT professionals, governance components, organizational structures, certification exams, business processes, performance management, governance certification, implementing nist using cobit, it market, power bi, g IT experts, design and implementation, governance framework, implementation guides, design factors, cobit implementation, best practices, implementation guide, effective governance, digital transformation, project management, governance strategy, cybersecurity, business objectives , cobit certification, cascade of goals, information technology

Related Posts

Cybersecurity Asset Management: Protect your Company

Cybersecurity asset management, also known as CSAM (Cyber Security Asset Management), plays a crucial role in protecting a company's digital assets. Through this process, it is possible not only to identify and classify information assets, but also to monitor them continuously and effectively, ensuring the

Read more "

6 Practices to Ensure Security with ITAM

Information Technology Asset Management (ITAM) is a set of business practices that unites financial, inventory, contractual and risk functions to manage the lifecycle of IT assets and make strategic decisions for the enterprise. ITAM is crucial for any organization,

Read more "

Uncovering CMDB: Complete FAQ Guide

In this article, we will explore the world of CMDB (Configuration Management Database), answering the most common questions about this important aspect of IT management. From basic meaning to best practices and its implementation, let's dive into the essential questions related to CMDB. 1. CMDB means? CMDB is the

Read more "