Risk matrix breaks down problem areas of blockchain technology – Compliance Week

Risk matrix breaks down problem areas of blockchain technology – Compliance Week

A new risk matrix, “Blockchain Risk: Considerations for Professionals,” aims to describe and contextualize several specific risks associated with the implementation and operation of blockchain. It was developed jointly by a working group comprised of the ISACA, the American Institute of Certified Public Accountants (AICPA), and the Chartered Institute of Management Accountants (CIMA).

The matrix is organized under five risk domains—governance, infrastructure, data, key management, and smart contracts—and their relevant subdomains.

“Many enterprises are eager to harness the power of blockchain to transform their businesses or operations,” said Dustin Brewer, ISACA senior director, emerging technology and innovation, in a press release. “While there are great benefits to using blockchain, practitioners should ensure they fully understand all types of risk to avoid potentially exposing their business to vulnerabilities, attack vectors or other issues before implementing—or even retroactively, if needed.”

Below is a brief description of each domain risk, as described in greater detail in the risk matrix: