New Risk Toolkit From ISACA Provides Risk Management Templates and Policies

·3 min read

Risk Starter Kit provides professionals new to risk with resources to aid with activities like risk maturity assessments, risk reporting and risk scenarios

SCHAUMBURG, Ill., May 19, 2022--(BUSINESS WIRE)--As enterprises have learned even more acutely over the past few years, managing risk is crucial to minimizing disruption and ensuring business continuity in the face of challenges. To aid enterprises in creating their own tailored risk management program, ISACA has released a Risk Starter Kit, which contains a wealth of tools and templates to facilitate risk assessment, risk appetite, risk maturity assessment, risk policy creation and other related tasks.

Created by a group of global risk experts, the Risk Starter Kit includes guidance and templates that provide enterprises with a strong foundation for creating their own customized risk management tasks suited to their needs. These resources include:

  • Risk appetite statement

  • Risk assessment template

  • Risk reporting

  • Risk governance tools, including an IT risk management policy and a risk committee charter

  • Risk maturity assessment

  • IT risk job descriptions

  • Risk scenario template

  • Risk and controls library

  • Risk register

Rather than having to create each tool to perform standard risk management tasks on their own, enterprises can save time by downloading the components and editing and customizing them based on their own needs and key risk management functions.

"Risk professionals know that a strong risk management program requires a coordinated spectrum of activities that are integrated into the business and involve support and buy-in from across all levels of the enterprise," says Paul Phillips, ISACA Director of Event Content Development and Risk Professional Practice Lead. "It takes time and reflection for enterprises to perform risk management functions and having a trusted foundation from which to design these risk activities adds significant value. These tools will help enterprises meet their unique goals and needs within their industry and region."

The Risk Starter Kit is free for ISACA members and US$49 for nonmembers and can be downloaded at

ISACA offers additional risk resources, including the Risk IT Framework and the Certified in Risk and Information Systems Control (CRISC) certification, which can be found at Professionals can also discuss topics related to risk management with others in the global community in the ISACA Engage online forum here.


For more than 50 years, ISACA® ( has equipped individuals and enterprises with the knowledge, credentials, education, training and community to progress their careers, transform their organizations, and build a more trusted and ethical digital world. ISACA is a global professional association and learning organization that leverages the expertise of its more than 150,000 members who work in digital trust fields such as information security, governance, assurance, risk, privacy and quality. It has a presence in 188 countries, including 225 chapters worldwide. Through its foundation One In Tech, ISACA supports IT education and career pathways for underresourced and underrepresented populations.

View source version on


Emily Van Camp, +1.847.385.7217,
Kristen Kessinger, +1.847.660.5512,