developing a risk analysis. what is a risk analysis? a risk analysis is concerned with identifying...
TRANSCRIPT
![Page 1: DEVELOPING A RISK ANALYSIS. What is a risk analysis? A Risk analysis is concerned with identifying the risks that an organisation is exposed to, identifying](https://reader036.vdocument.in/reader036/viewer/2022072013/56649e4a5503460f94b3ee6d/html5/thumbnails/1.jpg)
DEVELOPING A RISK ANALYSIS
![Page 2: DEVELOPING A RISK ANALYSIS. What is a risk analysis? A Risk analysis is concerned with identifying the risks that an organisation is exposed to, identifying](https://reader036.vdocument.in/reader036/viewer/2022072013/56649e4a5503460f94b3ee6d/html5/thumbnails/2.jpg)
What is a risk analysis?
• A Risk analysis is concerned with identifying the risks that an organisation is exposed to, identifying the preventative measures that can be taken and then applying controls to minimise the risk.
![Page 3: DEVELOPING A RISK ANALYSIS. What is a risk analysis? A Risk analysis is concerned with identifying the risks that an organisation is exposed to, identifying](https://reader036.vdocument.in/reader036/viewer/2022072013/56649e4a5503460f94b3ee6d/html5/thumbnails/3.jpg)
What needs to be taken into account when producing a risk analysis?
•You need to identify potential risks
•Understand the likelihood of risk occurring
•What are the short and long term consequences of threat
•How well equipped are you to deal with the threat
![Page 4: DEVELOPING A RISK ANALYSIS. What is a risk analysis? A Risk analysis is concerned with identifying the risks that an organisation is exposed to, identifying](https://reader036.vdocument.in/reader036/viewer/2022072013/56649e4a5503460f94b3ee6d/html5/thumbnails/4.jpg)
Identifying potential risks
•e.g. viruses / fire / natural damage / hacking / systems failure / fraud, etc
![Page 5: DEVELOPING A RISK ANALYSIS. What is a risk analysis? A Risk analysis is concerned with identifying the risks that an organisation is exposed to, identifying](https://reader036.vdocument.in/reader036/viewer/2022072013/56649e4a5503460f94b3ee6d/html5/thumbnails/5.jpg)
Likelihood of risk occurring
•some things such as power cut are inevitable but explosions much less likely - senior managers have to assess the likelihood of each risk occurring and put in the necessary security
![Page 6: DEVELOPING A RISK ANALYSIS. What is a risk analysis? A Risk analysis is concerned with identifying the risks that an organisation is exposed to, identifying](https://reader036.vdocument.in/reader036/viewer/2022072013/56649e4a5503460f94b3ee6d/html5/thumbnails/6.jpg)
Short and long term consequences of threat
•resources (staff equipment, etc) need to be directed towards recovering the data / may have to pay compensation / financial loss due to loss of business through not being able to take orders / embarrassment/ prosecution / loss of integrity / bankruptcy / cost of replacing equipment
![Page 7: DEVELOPING A RISK ANALYSIS. What is a risk analysis? A Risk analysis is concerned with identifying the risks that an organisation is exposed to, identifying](https://reader036.vdocument.in/reader036/viewer/2022072013/56649e4a5503460f94b3ee6d/html5/thumbnails/7.jpg)
How well equipped is the company to deal with the threat
•has to be reviewed periodically because of changing needs - disaster recovery program – backup strategy
![Page 8: DEVELOPING A RISK ANALYSIS. What is a risk analysis? A Risk analysis is concerned with identifying the risks that an organisation is exposed to, identifying](https://reader036.vdocument.in/reader036/viewer/2022072013/56649e4a5503460f94b3ee6d/html5/thumbnails/8.jpg)
Exam Questions
•Describe in detail two of the factors an organisation needs to consider when producing a risk analysis (4)
•A Bank is very dependent on its ICT system for its administration. The Bank is undertaking a risk analysis. Describe in detail two of the factors the bank should take into account when deciding how much to spend to control and minimize the risk to data. (2x2)
•Other than how well the company is equipped to deal with the risk, describe in detail three of the factors an organisation needs to consider when producing a risk analysis (6)