Questioning the Need for Separate IT Risk Management Frameworks

The growing importance of enterprise risk management and the resulting integration efforts put the need for separate IT risk management frameworks in question. In this research we analyse common and distinct elements of the COSO enterprise risk management and ISACA Risk IT frameworks. The analysis affirms the hypothesis that separate IT risk management frameworks are redundant.