RiskIT: A Useless Risk Framework due to Copyright Restrictions?

Copyright restrictions mean that RiskIT won't be a widely used risk framework.

ISACA.org have recently published a Risk Framework which they claim is designed to fill the gap between generic risk frameworks and detailed ones.

I wish I knew what was in it.

But if I did know, I wouldn’t be able to tell you or make use of the information.

That’s what the isaca.org copyright policy states.

Specifically, the second paragraph starts with the words:

“The Material that you are downloading may only be used for personal, informational, non-commercial purposes.”

What the proposed use of an IT risk framework that cannot be used for commercial purposes is I do not know. (Perhaps I could use it to manage my kid’s Wii.)

Anyway, if you are willing to agree not to use this framework in your organization, ISACA.org have kindly made it available for the cost of your email address and contact information here.

Just don’t tell me what is in it. I might use that information for corporate, commercial purposes. I wouldn’t want you to break their copyright policy.

And don’t get this confused with all the other RiskIT out there:

These RiskIT don’t require you to agree to a ludicrous copyright policy before you can see them.

13 January 2010

If you found this article interesting, please consider please consider subscribing to the Risky Thinking Newsletter to get notified when new articles appear. Recently published articles can be found here.

There is also an RSS Feed.

Do you have any comments? I'd like to hear them. Please use the contact form to get in touch.