How to apply risk management to IT


Published on February 26, 2014

Author: john.b991


How to apply Risk Management to IT

What is a risk? A likelihood that a loss occurs

process to protect against threats

Risk of <loss or damage to asset> due to <event> caused by <cause>

Event: Power outage
Control: UPS
Vulnerability: Poor maintenance
Impact: Datacenter outage

Risk of loss of datacenter services due to power outage caused by poor UPS maintenance

IT Risk Categories: Financial; Operational; Security; Physical; Infrastructure; Staffing; Compliance; Operations; Outsourcing

Risks: Budget overruns; Delays; Poor quality; Ineffective change management; Configuration issues; Unauthorized access; Malware; Virus attacks; Website attacks; Poor patch management; Utilities failure; Natural disasters; Labor strikes; Obsolete technology; Theft; Inflexible architecture; Non compliance with SOX, Law, Data Privacy, Licence contracts; Loss of key IT resources; Inability to recruit staff; Mismatch of skills; Human errors; Breakdown processes; Poor service levels; Data leakage; Lack of support

4 Phases: (1) Risk Identification, (2) Risk Assessment, (3) Risk Mitigation, (4) Risk Monitoring

4 Phases: (1) Risk Identification

Identify all potential risks

Examples: Hard disk failure; Malware; Spyware; Other hardware failure; Theft; Loss of internet connectivity

4 Phases: (2) Risk Assessment

Map identified risks

4 Phases: (3) Risk Mitigation

4 risk mitigation strategies

Define per risk strategy measures to reduce risk

Risk Mitigation Strategies (table columns: Identified and assessed risks; Avoid risk by; Reduce risk by; Transfer risk by; Accept risk?; Remaining risk level)

Hard disk failure: Backup
Malware: Malware software
Theft: Insurance
Spyware: Spyware
Other hardware failure: accept
Loss of internet connectivity: accept

4 Phases: (4) Risk Monitoring

A risk can never be completely eliminated. It can only be managed.

Identified and assessed risks, with risk mitigation and risk monitoring activity:

Hard disk failure. Mitigation: Backup. Monitoring: Check correctness and completeness of backup; regular restore
Malware. Mitigation: Malware software
Theft. Mitigation: Insurance. Monitoring: Check validity of insurance
Spyware. Mitigation: Spyware. Monitoring: Check regular anti-spyware updates and check correct and complete execution
Other hardware failure
Loss of internet connectivity

Risk Management tips
• Build multidisciplinary teams to identify, assess, mitigate and monitor risks from different perspectives
• Use brainstorming techniques to identify risks and to mitigate risks
• Define risk mitigation measures based on the four strategies (avoid, reduce, transfer, accept), starting from the highest risks
• Weave risk management activities into the daily project and service management practices and tooling

Governance; ISO38500; Management; Prince2 / PMBok; Build, Acquire, Implement; Service Delivery; ITIL v3; SABSA; ISO31000; ISO27000

The mystery behind on-time, on-budget projects or services that meet customer expectations?

Well-executed risk management

Thank you. More questions or remarks? Feel free to contact me.
