IT Governance, Risk, and Compliance

Feb 28 2013   2:50AM GMT

Risk Management: Is it just another set of business buzzwords? – Part II



Posted by: Robert Davis
Administrative Control, Asset Management, Business Continuity, Continuity Management, Crisis Management, Decision Making, Due Care, Due Diligence, Enterprise Governance, Event Management, Incident Management, Information Technology, IT, IT Management, Management System, Operating Style, Risk Management, Threat Management

An entity’s business risk management framework should be a strategic axle capable of accepting diverse strategy spokes. Proactively, business risk management should be the process by which an entity methodically addresses the risks attached to its activities, with the objective of achieving sustained benefit within each activity and across the portfolio of activities.

Through project collaboration, the Association of Insurance and Risk Managers, the Association of Local Authority Risk Managers, and the Institute of Risk Management promote the following risk management process:

1. Identify Strategic Objectives

2. Perform Risk Assessment

2.1 Risk Analysis

2.1.1 Risk Identification

2.1.2 Risk Description

2.1.3 Risk Estimation

2.2 Risk Evaluation

3. Provide Risk Reporting

4. Decision (determine risk appetite)

5. Document Risk Treatment

6. Provide Residual Risk Reporting

7. Perform Monitoring

Source

Davis, Robert E. (2011). Assuring IT Governance. Available from http://www.amazon.com/Assuring-Governance-Assurance-Services-ebook/dp/B0058P58E0 and http://www.smashwords.com/books/view/70359

Davis, Robert E. (2006). IT Auditing: IT Governance. Mission Viejo: Pleier. CD-ROM.
