1-Minute Assessment: Risk Management
Take today’s 1-minute assessment:
- Do you have a strategy and procedure to find, analyze, and mitigate risks?
- Is your team familiar with industry frameworks, like ISACA Risk IT, or NIST RMF ?
- Does the Business acknowledge risk-mitigating projects as important, deserving of IT investment?
Did you answer NO to any of these questions? If so, you might be lacking a continuous and forward-looking process, at the project, program, portfolio, and enterprise levels, that would enable IT and the Business to effectively manage risk.
Consider sources for risk, internal and external, like staff, contractors, partners, competitors, the market, regulators, the disgruntled ex-employee, the organized and syndicated hacker. Risk will manifest through acts of omission and commission. Remember what’s at risk – your people, facilities, information, value, brand, intellectual property, perhaps even your very existence as a practical public or private entity.
© Michael C. Simonelli, onthegocio.com, 2013