IT Risk Management Checklist

High severity or catastrophic loss risks:
Why is the business loss so severe?
How did the loss evolve?
What are the shortcomings of the existing control procedures?

Avoidance:
Is it impossible to avoid?
Is it impractical to avoid?
Is it too expensive to avoid?
Is it too time consuming to avoid?

Prevention:
Are there any direct countermeasures to prevent the risk from occurring?
Are they cost e. ective?
Do they have bene. cial side effects?
Do they have adverse side effects?

Reduction:
Are there any direct countermeasures to reduce the risk?
Are they cost e. ective?
Do they reduce the loss occurrence?
Will other risks be reduced as well?
Do they have bene. cial side effects?
Do they have adverse side effects?

Transfer:
By insurance?
By contractual agreement?
By other means?
Are there other benefits?
Can the risk be best dealt with by a combination of controls?
Can it be partially reduced and partially transferred?
What are the benefits of each method?

Bookmark/Search this post with:
  • Delicious
  • Digg
  • StumbleUpon
  • Propeller
  • Reddit
  • Magnoliacom
  • Technorati

Trackback URL for this post:

http://www.itservicestrategy.com/trackback/48
  • Login to post comments
  • 1030 reads

User login

Who's new

  • AlanetesPalazola
  • deelpilky
  • SymnVialmyday
  • vandoiyoy
  • revaringins

Who's online

There are currently 0 users and 1 guest online.