APRIL 30, 1:00-3:00 PM - ROOM 2945 

WORKSHOP: Navigating the IT Risk Landscape: Using ISACA's Risk IT Framework For Risk Assessment - Mary Carmichael

IT risks can impact organizations in numerous ways, including data breaches, system failures, and compliance violations. To stay ahead of these risks, organizations need a structured approach to identify, assess, and mitigate potential threats.

This workshop is your chance to become a risk IT champion! Through practical knowledge and skills, you'll learn how to identify and assess IT risks, determine their likelihood and impact, and develop effective risk mitigation strategies using ISACA's Risk IT framework.   From malware attacks and phishing scams to cloud service disruptions and software vulnerabilities, this workshop will cover a wide range of IT risks that organizations face daily. You'll engage in group discussions and case studies to reinforce your understanding of the Risk IT framework and its practical application.


Mary Carmichael is a risk management consultant with a  career spanning over 15 years. She specializes in providing risk advisory services on diverse issues, including internal controls design, benefit realization, IT governance and emerging risk assessments. Mary has worked with a wide range of clients across various sectors, including higher education, utilities, government, and energy.


Her extensive knowledge and experience have earned her a position on the ISACA Global Risk Advisory committee and Emerging Trends working group, where she focuses on Generative AI and its implications for control functions such as compliance and risk management. In addition to her work with ISACA, Mary serves as a Board Director for ISACA Vancouver Chapter and has authored two ISACA white papers: "Using Risk Tolerance for Enterprise Strategy" and "Incorporating Risk Management in Agile Projects." Mary is a certified CRISC, CISA, CPA, and CSM professional.