I am writing an report and I need to have the literature over risk management in Internet business. Do you know where can i find those kind of information?

Thank you in advance!

http://www.meridianlink.com/articles/security_risk.pdf

http://www.netaddiction.com/articles/eia_framework.pdf

http://www.thefreelibrary.com/Internet+Risk+Impact+Summary+Report+for+Q3+2003-a0113377379

CA + CISA

Why is it they are both so disorganized an audit cannot be done? What’s going on?

The government is so big, and some parts of it—by necessity—are secret. All of that makes it difficult, but not impossible.

I had been working as a credit officer in a bank. Now I am planning to move into risk management. There I have been told that I need to be more familier with financial interpritation (ie P7L , balance sheet etc..)

Could some one please tell me where I could find better resources to get a good knowledge about financial interpritation and risk management?

First you need to learn to spell interpretation correctly. Mistakes like that in a resume are really damaging.

You may find a course at a community college. I took one from Dun & Bradstreet by correspondence years and years ago and found it quite helpful.

You need a machine or several machines running 24/7 modelling the risks that would have been introduced by those who had been claiming to be doing risk management.
To tibs:
Terrific. Thanks.

If some competent engineer/analyst has done a FMECA or FMEA, an FTA, and other safety analyses. AND, these analyses have been peer-reviewed and corrected (if necessary), then I see no need for further modelling.

If the system in question is dynamic (changing part types, changing design, changing configuration), then yes, an ongoing model with a full-time or most-time risk manager may be necessary.

Even if the risk manager is not doing his/her job, a continuing model wouldn’t be necessary. A simple peer review of the existing models and analyses would be all that is necessary.

.