« Download Free IT Risk Template
ISO 27001 data backup and restore operation task form free download »

Download Free IT Risk Management Process Step by Step Checklist

Download Free IT Risk Management Process Step by Step Checklist
Download Free IT Risk Management Process Step by Step Checklist. This step by step checklist explain basic process and requirements to be completed during IT Risk Management. Some of the controls in the checklist listed as below:

Issue identification and context setting: A preliminary step is to identify the issues that need to be addressed and to provide some type of context to enable people to understand why they are important and the priority they should be addressed in. This process includes activities such as a stakeholder analysis and the definition of the problems and their scope and context.
Assess current risk management capacity: A preliminary step is an evaluation of the current capability of the organization for risk management. After all, it may be that the Board of the organization decides, in light of the infrastructure already in place, there is no requirement for further action. In a mature environment, this may be a rational, if brave, decision.
Perform internal and external environmental scans: This is necessary to understand the state of the organization in terms of the type and source of risks. The internal scan provides information on existing policies and awareness of risk within the organization, whereas the external scan provides information on the state of the environment and the position and attitude of key external stakeholders and partners.
Key risk area identification and assessment: Once the internal and external scans have been completed, it is necessary to analyze the context and results to understand the types or risk identified and any local or organization-wide issues that are relevant.
Determining probability and impact: Once the risks have been identified and assessed, it is possible to determine the level of exposure, defined in terms of the probability of impact.
Risk ranking or prioritization: Once risks have been identified, they have to be allocated a ranking on their importance and prioritized for action to be taken to control or mitigate them. The risk tolerance state of the organization should be taken into account during this process.

download

Popularity: 16% [?]

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Facebook
  • Google
  • Slashdot
  • StumbleUpon
  • Reddit

This entry was posted on Sunday, April 26th, 2009 at 3:15 pm and is filed under Download, Template. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

You must be logged in to post a comment.