Topic: IT Risk Management: Integration with Enterprise Risk Management.
In business today, risk plays a critical role and is a natural part of business landscape. Almost every business decision requires executives and managers to balance risk and reward. Effectively managing the business risks is essential to an enterprise’s success.. Business risks, such as market risks, credit risk and operational risks have long been incorporated into the corporate decision-making processes however too often, IT risk (business risk related to the use of IT) is overlooked. IT risk management has been relegated to technical specialists outside the boardroom, despite falling under the same ‘umbrella’ risk category as other business risks: failure to achieve strategic objectives.
ISACA has recently released the Risk IT framework which fills the gap between generic risk management frameworks and detailed (primarily security-related) IT risk management frameworks. It provides an end-to-end, comprehensive view of all risks related to the use of IT and a similarly thorough treatment of risk management, from the tone and culture at the top, to operational issues. In summary, the framework will enable enterprises to understand and manage all significant IT risk types, building upon the existing risk related components within the current ISACA frameworks, i.e., COBIT and Val IT.
ISACA-OC is hosting a joint event with the IT Executive Roundtable and bringing in a panel of experts from professional services and commerce who will discuss the topic and present their views on the this critical topic of IT Risk Management.

Panel of Experts:

Jeff Sanchez is a Managing Director at Protiviti and joined the company at its inception in 2002. Prior to joining Protiviti, Jeff was at Arthur Andersen for 10 years. Jeff is Protiviti Pacific Southwest leader of the CIO Solutions practice and is co-leader of Protiviti's global PCI practice. For the last 6 years Jeff has concentrated on helping companies to address security and privacy issues, and in particular achieving PCI compliance. Jeff has participated in many roundtables, webinars and symposium on IT Security and Privacy topics and is a two-time IIA All Stars presenter.

Bret Evans, Director IT at Advanced Sterilization Products (ASP), a Johnson & Johnson company, has a long track record of designing and delivering innovative infection prevention solutions that dramatically raise the level of health and safety for those who matter most. Bret has held his current role at ASP since April 2008. Bret has more than 20 years experience within IT and he has previously held IT Leader and IT Manager positions at General Electric Insurance, General Electric Money, among other roles within the General Electric family of companies.

Peter Roth is an Executive Director of the Advisory Services practice for the Southern California region of Grant Thornton, and is the Practice Leader for IT Strategy Services for the Western region. Peter has over 23 years of business experience in the design, development, and implementation of information technology solutions. He has assisted many clients with their deployment and implementation of large scale ERP software, and has specific expertise in the areas of Business and IT alignment, IT strategy, program management and project oversight, enterprise-wide technical architecture development, enterprise architecture planning, and infrastructure assessment, design, and implementation Before joining Grant Thornton, Peter served as a Vice President for Atrilogy Solutions Group, launching their SAP consulting practice, and Vice President for SAP America, as an experienced consultant for global companies implementing various SAP solutions. Peter received his Bachelors of Science degree in Business Administration from St. John’s University and completed the SAP Global Leadership Development Program at INSEAD University in France.