LAB 3.docx - Quest 1 Describe in what ways the risk management process in both IT and non-IT environments are similar Briefly describe in your own words


Quest 1: Describe in what ways the risk management process in both IT and non-IT environments are similar. Briefly describe in your own words the five major steps of risk management: plan, identify, assess, respond, and monitor.

1. Risk Identification – This is the first step of risk management, where potential risks or threats are identified depending on the environment. We can identify risks by considering different types of risk, such as physical risk, electrical risk, biological risk, and service failure risk. Risk can also be categorized as legal, physical, financial, or ethical. Physical risks could damage the physical assets of the organization, such as real estate, plant, vehicles, inventory, and land. Financial risks could affect the financial assets of the organization. Ethical risks could damage the reputation or principles of an organization. Risk identification should be done in the early stages of any project and should be repeated, so that any new risk arising from changed circumstances can be identified easily.

2. Risk Assessment and Prioritization – Risk assessment involves threat probability and risk severity. Once risks are identified, we must begin the analysis. Risk analysis is done to calculate the severity of the risk and to determine whether the risk or threat can be taken care of. We can divide risks into three categories: first, intolerable risks, which are critical to the system, project, or organization, so we need to ensure that the threat doesn't happen in the future or, if it does, that the damage is minimal; second, risks with a low probability of occurrence; and third, acceptable risks, in which the work of the project or system can continue and only minor adjustments are required. Prioritization of risks is required.

3. Risk Planning – Risk planning involves making plans and strategies and taking action. Once the analysis and prioritization are done, the response for the highest-severity risk should be planned first. To remove or reduce the impact, we must set our risk mitigation strategies and actions to prevent the potential risk and to minimize the damage to the highest degree. To do planning we should focus on the areas

  • Spring '18
  • eric hollis
