General discussion


Risk Assessment

By mahdi ·
Can anyone explain to me the Fitzgerald matrix approach to conduct a risk assessment as an auditor?

This conversation is currently closed to new comments.

1 total post (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Risk Assessment

by WindRider In reply to Risk Assessment

Check out the link below, perhaps it will help you refine/develop a question that is more focused. My guess is that you are asking about the application of the Delphi method in the context of an IT security audit?

There is a consultant (Fitzgerald) that has a small tool for documenting an expert panel, risk ranking exercise, a.k.a. as the Delphi method. This method consists of using a relevant group of experts to discuss rank/ quantify associated risks. It is typically in place of more rigorous approaches when analysis duration is an issue, and there is a good supply of expert opinion.

It is not a good approach when systems complexity, event probability, and event consequences, are complex, or relationships are poorly understood. It is often an excellent first step to focus and plan more rigorous risk assessments.

Back to IT Employment Forum
1 total post (Page 1 of 1)  

Related Discussions

Related Forums