The Risk and Control Self-Assessment

Author: Anthony Oteri, CRISC, CDPSE, AWS CCP, CCSK
Date Published: 22 November 2023
Related: IT Risk Starter Kit | Digital | English

When people hear the acronym for risk and control self-assessment, RCSA, the first response typically uttered by those who are familiar with the term is an exasperated sigh. To them it is another activity that checks a box for providing governance functions to C-suite officers and regulators with a bird’s eye view of the identified risk and controls associated with an organization’s myriad business processes...

 

Members, login to keep reading.

Not a member but want to read more?
Explore ISACA member benefits today.

Additional resources

Blog Post

Navigating Security Threats with IT Inventory Management

An efficient, current IT inventory is a foundational component of effective IT management and puts an enterprise in position to better leverage threat intelligence.

14 November 2023
Blog Post

IT Risk and IT Audit: A Partnership

Providing leadership with pertinent data can go a long way toward building support for the cross-functional collaboration between the audit and risk functions that can put organizations in a much stronger position to succeed.

2 November 2023
ISACA Journal Article

The Intricate Web of Third-Party Cybersecurity Risk

IT security and risk management professionals must prioritize cybersecurity within their organizations by constantly advising management on best practices for protecting their organizations’ sensitive information and strategies to manage risk effectively.

Author: Jacob Peng
Blog Post

Collaborative Mindset Change from Compliance to Risk

Transitioning from a compliance-based focus to a risk-based approach is useful as enterprises aim to best align resources in the modern business and regulatory environments.

23 October 2023