In this week’s Learning Resources, you studied a theoretical framework for risk management that includes the following main steps:
Risk identification
Risk analysis
Risk planning
Risk monitoring
To apply this framework in an organization, specific structures—including systems, procedures, policies, guidelines, best practices, and corporate culture—need to be developed. For example, who is responsible for risk management? Is it a separate unit, or is it part of the project management role? Also, what is the process to follow for risk identification and analysis? Who does this task and how? What experience should they have?
In this Discussion, you will analyze how to apply a risk-management framework in your organization.
RESOURCES
Be sure to review the Learning Resources before completing this activity.
To prepare for this Discussion:
Review this week’s Learning Resources on IT risk management.
BY DAY 3
Post an initial post of 300–400 words in which you:
Briefly explain the business of your own organization, or one with which you are familiar.
Explain how risk management is currently practiced and the structure that supports it.
If you were to faithfully apply the risk-management framework studied this week in your organization, explain what structures (systems, procedures, policies, etc., as explained above) would need to be in place to support it.
Take one of the steps of the risk-management framework and explain with examples how it should be applied.
Use external credible and scholarly resources to support your post.
LEARNING RESOURCES
Required Readings
Barve, J. (2010). COBIT for IT risk management in a bank—a case study. COBIT Focus, 3, 1–6. https://nanopdf.com/download/cobit-for-it-risk-management-in-a-bank_pdf
Kaplan, R. S., & Mikes, A. (2012, June). Managing risks: A new framework. Harvard Business Review, 90(6), 48–60. http://hbr.org
