My @ISACA column was published recently on risk ownership. Its a problem all risk professionals have to deal with at some point in their careers: when IT is expected to own what is ultimately business risk. I use absurdity to illustrate how absurd this is ;-)

You can read the column here.