Talk:IT risk management

Further splitting
Perhaps is better to put laws and standards on separated articles because:
 * 1) The main article IT risk is quite big
 * 2) This article is quite lengthy and can grow: I am planning to add Risk IT short description and comparison with other methodologies
 * 3) Standard and law do apply basically to the management of risks, but each standard has to state what is the subject of the management itself i.e. IT risk

Before going on with the splits I would like to have some feedback.

--Pastore Italy (talk) 11:47, 16 December 2010 (UTC)

Copyright problem removed
Prior content in this article duplicated one or more previously published sources. The material was copied from: http://www.enisa.europa.eu/act/rm/cr/risk-management-inventory/files/deliverables/risk-management-principles-and-inventories-for-risk-management-risk-assessment-methods-and-tools/at_download/fullReport. Infringing material has been rewritten or removed and must not be restored, unless it is duly released under a compatible license. (For more information, please see "using copyrighted works from others" if you are not the copyright holder of this material, or "donating copyrighted materials" if you are.) For legal reasons, we cannot accept copyrighted text or images borrowed from other web sites or published material; such additions will be deleted. Contributors may use copyrighted publications as a source of information, but not as a source of sentences or phrases. Accordingly, the material may be rewritten, but only if it does not infringe on the copyright of the original or plagiarize from that source. Please see our guideline on non-free text for how to properly implement limited quotations of copyrighted text. Wikipedia takes copyright violations very seriously, and persistent violators will be blocked from editing. While we appreciate contributions, we must require all contributors to understand and comply with these policies. Thank you. Pnm (talk) 07:46, 21 December 2010 (UTC)
 * Pages 8-11. --Pnm (talk) 07:46, 21 December 2010 (UTC)

"Critique of risk management as a methodology"
this section is grammatically and semantically flawed - consequently it reads in part as complete nonsense. Suggest thorough editing. 212.159.59.5 (talk) 16:46, 29 April 2016 (UTC)

External links modified
Hello fellow Wikipedians,

I have just modified one external link on IT risk management. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:
 * Added archive https://web.archive.org/web/20141118061526/http://www.riskmanagementinsight.com/media/docs/FAIR_introduction.pdf to http://www.riskmanagementinsight.com/media/docs/FAIR_introduction.pdf

When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.

Cheers.— InternetArchiveBot  (Report bug) 03:55, 8 April 2017 (UTC)

Risk mitigation = treatment = handling?
'Risk mitigation' (from ISO 27005), 'Risk treatment' (from SP 800), 'Risk handling' (from pg.138 of the document that the at the beginning of the article was sourced from), and 'Risk management strategies' (from SY0-701 certification) all seem to refer to roughly the same processes. Is this true? Tule-hog (talk) 02:21, 18 July 2024 (UTC)


 * another discussion concludes that "risk mitigation [reduce?] is one of four risk treatments; the other three are accept [retain?], avoid, or transfer". Tule-hog (talk) 02:44, 18 July 2024 (UTC)