BENEFITS OF DOCUMENT
DESCRIPTION
Here are several sample IT Risk Management requirements:
• Have the IT security cost for any investment/project been integrated into the overall cost including (c&a/re-accreditation, system security plan, risk assessment, privacy impact assessment, configuration/patch management, security control testing and evaluation, and contingency planning/testing)?
• When a risk is retired, do we review the history of the risk to record any lessons learned regarding the Risk Management processes used. is the team essentially asking itself: what, if anything, would we have done differently and why?
• Deciding what level of hardware in the system is a decision process such as: is the cost or risk of loss with a USB cable, a tablet, or a mouse sufficient to require tracking? Have we decided on the detail level?
• Describe your organization's policies and procedures governing risk generally and Cybersecurity risk specifically. How does senior management communicate and oversee these policies and procedures?
• Does it replace or negate traditional project management concerns with risk, scheduling, metrics, and execution, or does it shift how we think about these and necessitate new techniques and approaches?
• Is information security risk assessment a regular agenda item at IT and business management meetings and does management follow through and support improvement initiatives?
• Do we maintain our own threat catalogue on the corporate intranet to remind employees of the wide range of issues of concern to Information Security and the business?
Why Own The IT Risk Management Self-Assessment?
The IT Risk Management Self-Assessment will make you a IT Risk Management domain expert by:
• Reducing the effort in the IT Risk Management work to be done to get problems solved
• Ensuring that plans of action include every IT Risk Management task and that every IT Risk Management outcome is in place
• Saving time investigating strategic and tactical options and ensuring IT Risk Management opportunity costs are low
• Delivering tailored IT Risk Management advise instantly with structured going-forward plans
All the tools you need to an in-depth IT Risk Management Self-Assessment. Featuring 704 new and updated case-based criteria, organized into seven core areas of process design, this Self-Assessment will help you identify areas in which IT Risk Management improvements can be made.
The above preview showcases an example of a completed version. The secondary document includes a blank template, as well as a detailed 100+ page PDF guide. The guide provides a convenient way to distribute and share among the participants to prepare and discuss the Self Assessment.
Got a question about the product? Email us at support@flevy.com or ask the author directly by using the "Ask the Author a Question" form. If you cannot view the preview above this document description, go here to view the large preview instead.
Source: Assessment Dashboard - IT Risk Management Excel (XLSX) Spreadsheet, Gerard Blokdijk
ITSM Audit Management ISO 27001 ISO 27002 ITIL Service Management Configuration Management Dashboard Design Progress Report Change Management Incident Management
Download our FREE Strategy & Transformation Framework Templates
Download our free compilation of 50+ Strategy & Transformation slides and templates. Frameworks include McKinsey 7-S Strategy Model, Balanced Scorecard, Disruptive Innovation, BCG Experience Curve, and many more. |