Risk Management: What is it, Why is it Important, and How to do it?

Contributed by Richard Parker
Risk Management is the process whereby an organization identifies the risk, makes an assessment of the risk, identifies any mitigation that can be done to control the risk, and then decides to accept the risk or not to accept the risk. It applies to everything we do such as our personal lives, financial institutions, organizational operations, and information security. It is important in order to ensure the protection of the organization, it’s assets, and more specifically the organization’s Information Technology environment. There are a few variations of the risk management process which have been developed by both commercial and government organizations. All these processes may differ in implementation and labeling but have the same essential core steps. Those steps include identification of the risk, analysis and evaluation of the risk, mitigation of the risk, acceptance of the risk that can’t be mitigated, and monitoring. When done properly, risk management can greatly reduce the amount of risk taken on by an organization and the effects of the risk.
This document is in PDF format. To view it click here.

Rate this article: 
No votes yet