Comprehensive IT Risk Management Report for Aztek Finance Sector
VerifiedAdded on 2020/03/23
|21
|4910
|35
Report
AI Summary
This report provides a detailed analysis of IT risk management within the Aztek organization, specifically focusing on the Australian finance sector. It begins with an executive summary highlighting the importance of risk management in preventing threats and ensuring business continuity. The report then delves into the introduction of risk management, defining risks and the need for proactive measures. It explores the management of risks, including risk assessment, mitigation, and evaluation, emphasizing the importance of security policies and a robust control framework. The report also covers key aspects of data security, including security policies, database security threats, and data migration strategies. Furthermore, it examines the main components of an IT risk management framework, such as control environment, control activities, risk assessment, and information and communication. The report concludes by emphasizing the significance of IT risk management in safeguarding organizational assets and ensuring the seamless operation of business activities. References and figures are included to support the analysis.
Running Head: IT Risks Management
Risks Management of an Aztek Organization
Australian Finance Service Sector
Risks Management of an Aztek Organization
Australian Finance Service Sector
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1
IT Risks Management of an Organisation
Table of Contents
Executive Summary...............................................................................................................................2
Introduction to the Risk Management....................................................................................................2
Management of Risks............................................................................................................................4
Security Policies of an Organisation......................................................................................................5
Framework of an Organisation..............................................................................................................6
Main Components of framework in IT risk management..........................................................7
Risk Assessment....................................................................................................................................9
Mitigation of the Risks........................................................................................................................11
Data Security Policies in Organisation................................................................................................13
Database security Threats...................................................................................................................14
Importance of the Database Security of an Organisation........................................................15
Migrating of the Data..........................................................................................................................16
Conclusions.........................................................................................................................................17
References...........................................................................................................................................18
Table of Figures
Figure 1 Risk Management....................................................................................................................4
Figure 2 Process of Risk Management................................................................................................11
Figure 3 Strategies for Mitigation Risks..............................................................................................13
Figure 4 Security Based Models..........................................................................................................15
IT Risks Management of an Organisation
Table of Contents
Executive Summary...............................................................................................................................2
Introduction to the Risk Management....................................................................................................2
Management of Risks............................................................................................................................4
Security Policies of an Organisation......................................................................................................5
Framework of an Organisation..............................................................................................................6
Main Components of framework in IT risk management..........................................................7
Risk Assessment....................................................................................................................................9
Mitigation of the Risks........................................................................................................................11
Data Security Policies in Organisation................................................................................................13
Database security Threats...................................................................................................................14
Importance of the Database Security of an Organisation........................................................15
Migrating of the Data..........................................................................................................................16
Conclusions.........................................................................................................................................17
References...........................................................................................................................................18
Table of Figures
Figure 1 Risk Management....................................................................................................................4
Figure 2 Process of Risk Management................................................................................................11
Figure 3 Strategies for Mitigation Risks..............................................................................................13
Figure 4 Security Based Models..........................................................................................................15
2
IT Risks Management of an Organisation
Executive Summary
The IT risk management in this company is inspired by efficient risk management which
helps in preventing threats occurring to the organization. The effects caused by the threats
create impacts on database of the company which leads to misguide the company goals and
affects the infrastructure of the organisation. These risks held great impact on quality of work
of an organization but this risk management helps to reimburse all losses which leads to
healthy business activities of an organization. If this risk management system is implemented
in systematic way than we can avoid risks and flawlessly continues the business activities.
This is a necessary act to develop strategies and create ideas for risk management of an
organization. The project mainly aim for outsourcing for the main key IT functionalities and
mitigating the risks being affected such as the network, managing of the desktop and
accessing and development for the networks to a third party (Alexander, 2013).
Introduction to the Risk Management
Risk Management can be expressed as an undesirable act which leads to malicious activities
which devoid the information is known as a risk. This leads to threaten the system and can
expected harm to the system of the organization. Risk management includes the accessibility
of identifying risks, dissolute them or eliminate them without causing any harm to the IT
system of an organization. These harms contains all the risks such as leaking the information
related to activities based on operation, ownership and investments of an organization Risk
management done on real time basis (Armstrong & Taylor, 2014). These risks can be
overcome by using extra security features and technologies being used in the Aztek company
or by using the various other network architecture which is a basic strategy to manage the
IT Risks Management of an Organisation
Executive Summary
The IT risk management in this company is inspired by efficient risk management which
helps in preventing threats occurring to the organization. The effects caused by the threats
create impacts on database of the company which leads to misguide the company goals and
affects the infrastructure of the organisation. These risks held great impact on quality of work
of an organization but this risk management helps to reimburse all losses which leads to
healthy business activities of an organization. If this risk management system is implemented
in systematic way than we can avoid risks and flawlessly continues the business activities.
This is a necessary act to develop strategies and create ideas for risk management of an
organization. The project mainly aim for outsourcing for the main key IT functionalities and
mitigating the risks being affected such as the network, managing of the desktop and
accessing and development for the networks to a third party (Alexander, 2013).
Introduction to the Risk Management
Risk Management can be expressed as an undesirable act which leads to malicious activities
which devoid the information is known as a risk. This leads to threaten the system and can
expected harm to the system of the organization. Risk management includes the accessibility
of identifying risks, dissolute them or eliminate them without causing any harm to the IT
system of an organization. These harms contains all the risks such as leaking the information
related to activities based on operation, ownership and investments of an organization Risk
management done on real time basis (Armstrong & Taylor, 2014). These risks can be
overcome by using extra security features and technologies being used in the Aztek company
or by using the various other network architecture which is a basic strategy to manage the
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3
IT Risks Management of an Organisation
risks. There are several other risks which can be overcome by other means of strategies. This
risk management system would cover the entire reasons of outcome that can cause risks to
the organization. Risk management is highly managed so that clients can continue all there
organizational activities in seamless manner and to update with the latest technologies to
protect consumer data and information to avoid the threats. This covers all the business risks
and security related technologies which will automatically .which will organize all business
activities. The security policies of risk management can be applied which contains all fields
of hardware, software, information and communications which help in creating the safe and
secure environment for storage of information of an organization. Risk management includes
the accessibility of identifying risks, dissolute them or eliminate them without causing any
harm to the IT system of an organization. The main aim of risk management is help
organisations for better completions of targets and avoid unnecessary risks to the system
(Bodnar et al., 2016).
Figure 1 Risk Management (Source By: Author)
Effortness Expert Group
Quality of Data &
Information
Strategic
Migration/Methodologies
Objectives &
Recovering
Time
IT Risks Management of an Organisation
risks. There are several other risks which can be overcome by other means of strategies. This
risk management system would cover the entire reasons of outcome that can cause risks to
the organization. Risk management is highly managed so that clients can continue all there
organizational activities in seamless manner and to update with the latest technologies to
protect consumer data and information to avoid the threats. This covers all the business risks
and security related technologies which will automatically .which will organize all business
activities. The security policies of risk management can be applied which contains all fields
of hardware, software, information and communications which help in creating the safe and
secure environment for storage of information of an organization. Risk management includes
the accessibility of identifying risks, dissolute them or eliminate them without causing any
harm to the IT system of an organization. The main aim of risk management is help
organisations for better completions of targets and avoid unnecessary risks to the system
(Bodnar et al., 2016).
Figure 1 Risk Management (Source By: Author)
Effortness Expert Group
Quality of Data &
Information
Strategic
Migration/Methodologies
Objectives &
Recovering
Time
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4
IT Risks Management of an Organisation
Management of Risks
When an undesirable act which is against the security policies of the system which is
malicious and can provide harm to Information system known as risk. These risks held in a
system leads to expected harm to system. Risk management prevents the breaches in a
system.to manage the risk there is 3 things to be done that is risk assessment, mitigation and
evaluation of risk.
The risk assessment means to identification and evaluation of the risk, how it impacts
on system and some risk reducing solutions whereas Risk mitigation means to
prioritize the risk and solve the vulnerable ones first ,implementation of solution
according to security policies on priority basis of risk and maintaining of appropriate
risk reducing measures. Risk assessment is first in line of risk management (Bromiley
et al., 2014).
This is used to determine that how potential the threat is and vulnerability of risk
associated with it in an IT system. Eliminating risk firstly include to identify the type
of risk system is dealing with. The identification of risk helps in preventing and
reducing the risk. Risk assessment process is updated at least in a year by respected
organisations according to demand in newer versions (Therivel & Paridario, 2013).
Risk mitigation helps in prioritizing and evaluating the risk which helps in risk
reducing controls recommending the proper solution for risk management. Whether it
is impossible to eliminate all risks but at least the economic approach and an
appropriate measure to decrease vulnerability of risk to a desirable level it helps in
decreasing impact of risks. The risk mitigation held by mission owners after
acknowledging all potential risks (Burke, 2013)
Risk Evaluation is a process which leads to help the evolving network of an
organisation because as the information expands the vulnerability of risk also
IT Risks Management of an Organisation
Management of Risks
When an undesirable act which is against the security policies of the system which is
malicious and can provide harm to Information system known as risk. These risks held in a
system leads to expected harm to system. Risk management prevents the breaches in a
system.to manage the risk there is 3 things to be done that is risk assessment, mitigation and
evaluation of risk.
The risk assessment means to identification and evaluation of the risk, how it impacts
on system and some risk reducing solutions whereas Risk mitigation means to
prioritize the risk and solve the vulnerable ones first ,implementation of solution
according to security policies on priority basis of risk and maintaining of appropriate
risk reducing measures. Risk assessment is first in line of risk management (Bromiley
et al., 2014).
This is used to determine that how potential the threat is and vulnerability of risk
associated with it in an IT system. Eliminating risk firstly include to identify the type
of risk system is dealing with. The identification of risk helps in preventing and
reducing the risk. Risk assessment process is updated at least in a year by respected
organisations according to demand in newer versions (Therivel & Paridario, 2013).
Risk mitigation helps in prioritizing and evaluating the risk which helps in risk
reducing controls recommending the proper solution for risk management. Whether it
is impossible to eliminate all risks but at least the economic approach and an
appropriate measure to decrease vulnerability of risk to a desirable level it helps in
decreasing impact of risks. The risk mitigation held by mission owners after
acknowledging all potential risks (Burke, 2013)
Risk Evaluation is a process which leads to help the evolving network of an
organisation because as the information expands the vulnerability of risk also
5
IT Risks Management of an Organisation
increases and network is a place where database is automatically expanded and
updated to protect the real time on going growing database security policies can be
changed over real-time basis to make sure that risk management is evolving.
Security Policies of an Organisation
To manage the information of an organisation which includes the guidelines, procedure of
unified tasks which is confidential in a most secure way to overcome all risks from all
threatening elements which may cause harm to organization these security policies is used to
handle the data in most secure way .This helps in preventing the security breaches which
leads to cause harm to the system of the Organisation. A security policy encompasses risk
assessment, mitigation and evaluation (Calomiris et al., 2016). These policies will work on
identified risks and implements the most common and economic methods to eliminate the
risks. These policies increase the secrecy of plans and procedure of organization. The most
sensible information of an organization are its transactions, worker’s database, client
database and personal data of an organization now these are the main targets which is to be
breached .it is necessary for a security policy to pertain these information in right and
protected servers and it would be accessible only by some authorised personnel’s to protect
data. Security policy also says that database should be updated daily, once in a week or
fortnightly to protect database from unwanted intrusions and breaches. The remote server can
also be used in case of extra protection where data backups automatically at the end of the
day to get an extra cover on the database (Chapman & Ward, 2003). The main objective of
the security is to maintain progress in IT system of organization which leads growth of
company and an each individual works in it as well.
IT Risks Management of an Organisation
increases and network is a place where database is automatically expanded and
updated to protect the real time on going growing database security policies can be
changed over real-time basis to make sure that risk management is evolving.
Security Policies of an Organisation
To manage the information of an organisation which includes the guidelines, procedure of
unified tasks which is confidential in a most secure way to overcome all risks from all
threatening elements which may cause harm to organization these security policies is used to
handle the data in most secure way .This helps in preventing the security breaches which
leads to cause harm to the system of the Organisation. A security policy encompasses risk
assessment, mitigation and evaluation (Calomiris et al., 2016). These policies will work on
identified risks and implements the most common and economic methods to eliminate the
risks. These policies increase the secrecy of plans and procedure of organization. The most
sensible information of an organization are its transactions, worker’s database, client
database and personal data of an organization now these are the main targets which is to be
breached .it is necessary for a security policy to pertain these information in right and
protected servers and it would be accessible only by some authorised personnel’s to protect
data. Security policy also says that database should be updated daily, once in a week or
fortnightly to protect database from unwanted intrusions and breaches. The remote server can
also be used in case of extra protection where data backups automatically at the end of the
day to get an extra cover on the database (Chapman & Ward, 2003). The main objective of
the security is to maintain progress in IT system of organization which leads growth of
company and an each individual works in it as well.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6
IT Risks Management of an Organisation
1. Data Security and its accountability- It is essential to ensure the activities and to
have the workforce and the management that is been brought up by the managing the
accountability resources of an organisational behaviour.
2. Response to Incidents- It is necessary to respond for the security breech so as to
make the sudden reactions and to perform the urgent operations to overcome from the
problems been made so that the organisation should not face big loss (Chapman &
Ward, 2003).
3. Monitoring Use- It is the good way for monitoring the system routinely so as to
avoid the risk from occurrence in the organisational infrastructure. The schedule
should be made in a proper manner so as to form the various strategies for not
allowing the threats to enter.
4. Acceptable Usage- The employees working in an organisation should have the proper
knowledge regarding the acceptance to the policies and to follow the rules and
regulations in the company
5. Data Security in System- It is essential to prevent the organisation systems from the
malicious activities. It basically aims to have the security configuration by viewing
and the servers run on the company networks are not affected by any intrusions
(Calomiris et al., 2016).
Framework of an Organisation
The scope of the organisational framework has been fully covered within the scope of the
frameworks. Risks are the natural part of the business Processes. Risks and threats are the
natural part of the business organisation. The business organisation needs to effectively
manage the threats and the harmful activities to be detected so that benefits should be earned.
The IT risk framework is the gap which is been built between the standard risk management
IT Risks Management of an Organisation
1. Data Security and its accountability- It is essential to ensure the activities and to
have the workforce and the management that is been brought up by the managing the
accountability resources of an organisational behaviour.
2. Response to Incidents- It is necessary to respond for the security breech so as to
make the sudden reactions and to perform the urgent operations to overcome from the
problems been made so that the organisation should not face big loss (Chapman &
Ward, 2003).
3. Monitoring Use- It is the good way for monitoring the system routinely so as to
avoid the risk from occurrence in the organisational infrastructure. The schedule
should be made in a proper manner so as to form the various strategies for not
allowing the threats to enter.
4. Acceptable Usage- The employees working in an organisation should have the proper
knowledge regarding the acceptance to the policies and to follow the rules and
regulations in the company
5. Data Security in System- It is essential to prevent the organisation systems from the
malicious activities. It basically aims to have the security configuration by viewing
and the servers run on the company networks are not affected by any intrusions
(Calomiris et al., 2016).
Framework of an Organisation
The scope of the organisational framework has been fully covered within the scope of the
frameworks. Risks are the natural part of the business Processes. Risks and threats are the
natural part of the business organisation. The business organisation needs to effectively
manage the threats and the harmful activities to be detected so that benefits should be earned.
The IT risk framework is the gap which is been built between the standard risk management
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7
IT Risks Management of an Organisation
and the management frameworks. It generally provides end-to-end communication which
provides the visibility to view all the risks related to the IT organisational behaviour
(Chapman & Ward, 2003).
The Framework is a powerful tool for every organisation which mainly focuses on the
organisational structure, values and business activities that mainly focus on designing and
implementation of the business operations. The main criterion of the framework is to have the
teams and the individual performance which generally includes the interesting form of
learning from the threats (Chitakornkijsil, 2010).
Main Components of framework in IT risk management
In an organization the databases are collected which leads to losing control over these large
data mines this means the risk in achievements of objective hence internal control is a key to
obtain targets in less time these controls needs investment of time and money both by
securing the systems .Many things depends on control of data . If data is not controlled
properly leads to failure, losses and scandals and it may affect the reputation of organization
in their respective sector (Coso, 2004). Risks are always new and if not controlled problems
can be created. Controls are based on criteria which are evaluated by auditors and
management to achieve certain goals in data security. Internal auditors work with
management to develop the appropriate criteria according to their evaluation. The report of
internal audit decides state of control in a risk management and that’s how the control
framework is designed (Teixeira et al., 2015). Control Framework promotes the rightful
environment and inspires organization. Components involved to design framework are as
follows:-
1. Control Environment builds the tone of an organization which provides base for
internal control by giving the respected structure and discipline. This includes ethical
IT Risks Management of an Organisation
and the management frameworks. It generally provides end-to-end communication which
provides the visibility to view all the risks related to the IT organisational behaviour
(Chapman & Ward, 2003).
The Framework is a powerful tool for every organisation which mainly focuses on the
organisational structure, values and business activities that mainly focus on designing and
implementation of the business operations. The main criterion of the framework is to have the
teams and the individual performance which generally includes the interesting form of
learning from the threats (Chitakornkijsil, 2010).
Main Components of framework in IT risk management
In an organization the databases are collected which leads to losing control over these large
data mines this means the risk in achievements of objective hence internal control is a key to
obtain targets in less time these controls needs investment of time and money both by
securing the systems .Many things depends on control of data . If data is not controlled
properly leads to failure, losses and scandals and it may affect the reputation of organization
in their respective sector (Coso, 2004). Risks are always new and if not controlled problems
can be created. Controls are based on criteria which are evaluated by auditors and
management to achieve certain goals in data security. Internal auditors work with
management to develop the appropriate criteria according to their evaluation. The report of
internal audit decides state of control in a risk management and that’s how the control
framework is designed (Teixeira et al., 2015). Control Framework promotes the rightful
environment and inspires organization. Components involved to design framework are as
follows:-
1. Control Environment builds the tone of an organization which provides base for
internal control by giving the respected structure and discipline. This includes ethical
8
IT Risks Management of an Organisation
values and proper management’s philosophy with operating style. Authorities are
assigned with responsibility which helps in organizing people and developing.
(D’Arcy & Brogan, 2001).
2. Control activities helps in ensuring management to carry the policies and procedures
in rightful manner .some essential steps are taken to address risks in the system on all
levels with all functions. This includes activities of approval and authorization
followed by verifications and reconciliations and at last these activities improves the
operating performance and practicing of segregation duties works better in this act
(Sadgrove, 2016).
3. Risk Assessment works on the internal and external sources of risks of the system. To
analyse the risk and how it would be managed is done by this component of
framework of risk management as the risk is analysed it works on how it can be
managed and compares it with relevant risks that encountered earlier by the system.
Risk management change according to the type of risk we are dealing with (Elbahar et
al., 2016).
4. Information and communication – in a time frame the information is communicated,
captured and communicated which enable individuals to pertain their responsibilities.
This system helps in producing reports, making financial information which controls
the organization to run the business. Effective communication leads to flowing down
the information in broader sense. It helps in understanding the individual their roles
and duties. By communicating with external communicating parties like customers,
clients, regulators and stakeholders etc. (Flyvbjerg, 2013).
5. Monitoring is done on all control systems it is basically a process that tracks the
performance of system’s quality by using real-time activity which separately evaluates
IT Risks Management of an Organisation
values and proper management’s philosophy with operating style. Authorities are
assigned with responsibility which helps in organizing people and developing.
(D’Arcy & Brogan, 2001).
2. Control activities helps in ensuring management to carry the policies and procedures
in rightful manner .some essential steps are taken to address risks in the system on all
levels with all functions. This includes activities of approval and authorization
followed by verifications and reconciliations and at last these activities improves the
operating performance and practicing of segregation duties works better in this act
(Sadgrove, 2016).
3. Risk Assessment works on the internal and external sources of risks of the system. To
analyse the risk and how it would be managed is done by this component of
framework of risk management as the risk is analysed it works on how it can be
managed and compares it with relevant risks that encountered earlier by the system.
Risk management change according to the type of risk we are dealing with (Elbahar et
al., 2016).
4. Information and communication – in a time frame the information is communicated,
captured and communicated which enable individuals to pertain their responsibilities.
This system helps in producing reports, making financial information which controls
the organization to run the business. Effective communication leads to flowing down
the information in broader sense. It helps in understanding the individual their roles
and duties. By communicating with external communicating parties like customers,
clients, regulators and stakeholders etc. (Flyvbjerg, 2013).
5. Monitoring is done on all control systems it is basically a process that tracks the
performance of system’s quality by using real-time activity which separately evaluates
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9
IT Risks Management of an Organisation
the systems. These operations include regular management and activities and actions
comprised on effectiveness of assessment of risks.
Risk Assessment
It is the process which mainly aims to implement the risk methodology. Organization
structure uses the risk assessment for determining the ricks and the malicious activities
associated with the IT management. The process made on the risk analysis has the
appropriate tools and technologies used for detecting and mitigating the risks. It is the main
function which is being used for possibility of a given risk source’s exercising a particular
potential exposure, and the subsequent impact of that opposing event on the organization. To
determine the adverse effects of the organisational behaviour, various strategies are been
implemented associated with the risks (Galliers et al., 2014).
1. The responsibility made for determining the well-being of an adverse event for
determining the likelihood of an event, the resources which is being used for detecting
the threats from the systems and impact made on the vulnerability of the system.
2. It is essential to regulate the well-being of an event occurred:
Enthusiasm among the employees
Nature of the Threats been detected
Controlling the current threats
3. Analysis made on the threats and the occurrence of the vulnerability, Threats can be
detected from the various sources or from the various pores of the system which can
be:
System Hackers
Intruders or Criminals
Terrorists
IT Risks Management of an Organisation
the systems. These operations include regular management and activities and actions
comprised on effectiveness of assessment of risks.
Risk Assessment
It is the process which mainly aims to implement the risk methodology. Organization
structure uses the risk assessment for determining the ricks and the malicious activities
associated with the IT management. The process made on the risk analysis has the
appropriate tools and technologies used for detecting and mitigating the risks. It is the main
function which is being used for possibility of a given risk source’s exercising a particular
potential exposure, and the subsequent impact of that opposing event on the organization. To
determine the adverse effects of the organisational behaviour, various strategies are been
implemented associated with the risks (Galliers et al., 2014).
1. The responsibility made for determining the well-being of an adverse event for
determining the likelihood of an event, the resources which is being used for detecting
the threats from the systems and impact made on the vulnerability of the system.
2. It is essential to regulate the well-being of an event occurred:
Enthusiasm among the employees
Nature of the Threats been detected
Controlling the current threats
3. Analysis made on the threats and the occurrence of the vulnerability, Threats can be
detected from the various sources or from the various pores of the system which can
be:
System Hackers
Intruders or Criminals
Terrorists
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10
IT Risks Management of an Organisation
Spying
Poor training which may lead to the malicious activities (Pritchard & PMP,
2014).
4. Identification of the Vulnerability or threats effected the various resources:
Hardware
Software
Network Infrastructure
System Interface
Sensitivity to the Information
5. Impacts made on an adverse event:
Loss of Availability of the resources
Loss of Integrity
Loss in confidentiality of information (Glendon et al., 2016).
IT Risks Management of an Organisation
Spying
Poor training which may lead to the malicious activities (Pritchard & PMP,
2014).
4. Identification of the Vulnerability or threats effected the various resources:
Hardware
Software
Network Infrastructure
System Interface
Sensitivity to the Information
5. Impacts made on an adverse event:
Loss of Availability of the resources
Loss of Integrity
Loss in confidentiality of information (Glendon et al., 2016).
11
IT Risks Management of an Organisation
Figure 2 Process of Risk Management (Source By: Author)
Mitigation of the Risks
The strategy is being used for mitigating the risks which mainly requires the following to
reduce the threats so as to have the continuous process in an organisation. The main required
components which are being used are the goals, actions and the implementation of an action
plan. It basically provide the framework for the identification, prioritize and the action which
are used for the reducing risk. The main step of mitigating the risks is to reduce the adverse
effects for this risk mitigation strategies is been implemented to access to the business
continuity and to have the appropriate disaster recovery plan (Hillson et al., 2012). The
following are made on analysing of the mitigation strategies:
Risk
Managemnt
&
Organisation
al Behaviour
Employees
Technologies
& Tools
Infrastructre
Business
Process
IT Risks Management of an Organisation
Figure 2 Process of Risk Management (Source By: Author)
Mitigation of the Risks
The strategy is being used for mitigating the risks which mainly requires the following to
reduce the threats so as to have the continuous process in an organisation. The main required
components which are being used are the goals, actions and the implementation of an action
plan. It basically provide the framework for the identification, prioritize and the action which
are used for the reducing risk. The main step of mitigating the risks is to reduce the adverse
effects for this risk mitigation strategies is been implemented to access to the business
continuity and to have the appropriate disaster recovery plan (Hillson et al., 2012). The
following are made on analysing of the mitigation strategies:
Risk
Managemnt
&
Organisation
al Behaviour
Employees
Technologies
& Tools
Infrastructre
Business
Process
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 21
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.