1.Risk Management is the procedure of identifying the risk and mitigating them within the allotted time. IT governance has had a steady emergence in the field of management in the past few years. It provides a support for the corporate governance. Hence, the risk management techniques are very important for the IT governance as it would affect the entire firm (Bromiley et al., 2015).
2.The two type of risk management frameworks that are currently being used are (McNeil, Frey & Embrechts, 2015):
Qualitative risk management and Quantitative risk management
The qualitative risk management is involved with the qualitative analysis of the data related to the risk management techniques.
The quantitative risk management involves the quantitative analysis of the data that are to be analyzed for the risk management.
3.The three organizations that are leading the industry in terms of governance and compliance are:
FixNix: The organization was developed with the vision of radicalizing the governance, risk and compliance solutions and also in a rate that is affordable.
Quarule: The Company is an expert in the financial market and also in the semantic technologies for the software solution of the organization.
Convercent: Covercent is a GRC platform company that facilitates the design of the design and the implementation of the compliance programs.
4.COBIT is Control Objective for Information and related Technologies (Pereira, Ferreira & Amaral, 2017). It is basically a framework created for the ISACS for the purpose of IT management and IT governance. COBIT is very important in terms of compliance as it organizes the IT governance, it provides the process description, it also helps in providing the management guidelines and also helps in the assessment of the maturity model.
5.The IT governance provides great performance and facilities to the institution in addition to providing them with value and management of risk (Gennaioli, Martin & Rossi, 2014). They provide a strategic partner to the already existing governance facilities of the company. They also help the financial institution by providing them guidelines about the compliance with the market standards.
Bromiley, P., McShane, M., Nair, A., & Rustambekov, E. (2015). Enterprise risk management: Review, critique, and research directions. Long range planning, 48(4), 265-276.
McNeil, A. J., Frey, R., & Embrechts, P. (2015). Quantitative risk management: Concepts, techniques and tools. Princeton university press.
Pereira, C., Ferreira, C., & Amaral, L. (2017, June). Shape a Business Case Process: An IT Governance and IT Value Management Practices Viewpoint with COBIT 5.0. In Atas da Conferência da Associação Portuguesa de Sistemas de Informação (Vol. 17, No. 17, pp. 60-75).
Gennaioli, N., Martin, A., & Rossi, S. (2014). Sovereign default, domestic banks, and financial institutions. The Journal of Finance, 69(2), 819-866.