Risk Management

Looking at the risk scores on your Impact Analysis form, select the risks with the highest scores for further review. For example, you may wish to review all risks that scored a 7 or higher.

For each of these risks, document your organization's form of risk mitigation (avoidance, transference, correction, or acceptance) and then describe what you currently do. Consider whether your organization's current risk mitigation method and actions or procedures address the risk, and document any additional actions you think would improve your management of the risk.

If you would like to see an example, one is available for your review here.

You may wish to repeat the Impact Analysis and Risk Management process for the assets you scored as of medium importance or for some of the risk scores that were lower than your cutoff point.

Form: Impact Analysis

Form: Impact Analysis Example