Upskilled Data Breach: Risk Management Action Plan and Procedures


Added on  2021/02/20

AI Summary
This report provides a comprehensive risk management analysis of a data breach incident at Upskilled. The report begins with an assessment of the situation, identifying key risks such as record management issues, data breaches, and loss of records. It presents an action plan that includes policy formation, mitigation procedures, and legislative requirements to address the identified risks. The action plan outlines the potential risks, their level and evaluation, and the required actions, resources, and responsibilities. It further details procedures for mitigating risks related to record management, data breach, and loss of records. These procedures involve risk identification, analysis, evaluation, treatment, and monitoring. The report also emphasizes the importance of data protection regulations and security systems to prevent unauthorized access and misuse of client data. Overall, the report provides a structured approach to managing the risks associated with data breaches and ensuring the security and confidentiality of sensitive information, offering valuable insights into practical risk management strategies and solutions for the organization.
RISK MANAGEMENT
Table of Contents
ASSESSMENT 1
A. Policy formation to reduce the possibility of the incident happening again
B. 3 Procedures to mitigate the possible consequences in case the event happens again
C. Inclusion of legislative requirements
ASSESSMENT 2
REFERENCES
ASSESSMENT 1
Action plan
Upskilled is facing a situation in which it has lost data to an unknown person, and it is now unsure how the private data of its clients may be used, following the loss of a laptop by one of its trainees. This has exposed the organization to a greater risk of data loss and breach and raises a question over the risk management of the company. The record management issues within Upskilled relate to compliance, public relations, disaster recovery and breach of confidentiality, along with security threats. The data breach relates to losing client data to an unknown person who can misuse it, which raises a question over the authenticity of the organization. Loss of records is a higher-level risk which occurs when physical devices containing personal information are lost or stolen. The risk relates to unauthorized access to the data and use of the information for the wrong purpose, leaving clients at higher risk.
| Potential risk | Level of risk | Evaluation of risks (out of 5) | Reason for risk rating | Action to be taken | Requirement of the resources | Responsibility | Timeline | Communication |
|---|---|---|---|---|---|---|---|---|
| Record Management | Moderate | 2.5 | The employees have taken matters casually, which has left them handling the hardware and laptops casually. This has increased the chances of losing laptops and other devices such as hard drives and pen drives. | Procedures are required to be developed for making the plan over record management, backup and security of data that will be submitted in the next board meeting. | Money and human resources for making the plans by the risk management executives (Cohen, Krishnamoorthy and Wright, 2017). | Risk management representative | Before next board meeting | Procedures are to be presented in the board meeting explaining the detailed plan for effective management of records and increasing security of data |
| Data Breach | High | 4.5 | The loss of a hardware device containing personal information can lead to misuse of the clients' private data, which amounts to a breach of the data on the part of Upskilled. | A procedure is to be undertaken for increasing legal compliance, installing software in hardware and making legal policies more intact. | Money and technical resources for development of software | Legal team and risk management committee | Before next board meeting | Presenting such software to the board of directors to mitigate the risk of data breach. |
| Loss of Records | High | 4 | With the loss of the data, the personal information of clients has gone to a loose end where it can be accessed in an unauthorised manner, which can lead to misuse of the clients' data. | A security system is required to be installed in hardware so that even after losing it no one can access it and its location can be traced. | IT experts and money for installation of the security system in hardware (Hopkin, 2018). | Head of the legal team and the managers | Before next board meeting | To present the procedure to directors in board meeting so that immediate |
A. Policy formation to reduce the possibility of the incident happening again
B. 3 Procedures to mitigate the possible consequences in case the event happens again
I. Procedure for mitigating the risk of record management:
1. Identification of risk: The risk management team comes together and engages in identifying the risks associated with data protection at Upskilled. The first risk identified under the risk management process that can affect the organization to a great extent is the record management of Upskilled (Institute of Risk Management, 2019). This is the first step in the risk management process, where the organization's risk related to the management of its records has been determined. The most prominent findings were the loopholes in maintaining the confidentiality of client information as well as in the security system for records. The risk is related to record keeping, which includes the ways in which information is recorded and stored. It further includes employees' access to the personal data of clients and the security system that restricts access in order to protect the data and information of the clients.
2. Analysis of the risk: At this stage the likelihood of the risk and its consequences are analysed. This is done in order to develop an understanding in the risk management team of the potential effect on the working and goals of Upskilled. The risk under the risk management of Upskilled is identified as risk in record management, which includes handling, recording and access of the data by employees of the organisation. The likelihood of occurrence is determined to be of moderate level. The level has been assessed as medium because the data is kept within the organisation and no unauthorised person has direct access to the information. The risk is related to someone breaking into the company's system or an employee engaging in unethical behaviour, which can lead to unauthorised access to the information within company premises. The consequence of this risk is that the security system of the company will be breached, which raises a question over the management of the company; in addition, client data can fall into the wrong hands and be used for wrong or even illegal purposes, which leaves clients at high risk of misuse and raises a question over the reputation of Upskilled.
3. Evaluation of risk: The risks under this process are ranked out of 5 according to the level to which they affect the organisation and its activities. The record management risk for Upskilled is given a ranking of 2.5, which has a lesser likelihood of occurrence (What are the 5 Risk Management Steps in a Sound Risk Management Process, 2019). The magnitude of the risk is identified through combined analysis of its likelihood of occurrence and its consequences. The likelihood is moderate and the magnitude is 2.5, which means the risk has the potential to affect the organization, yet no major steps are required. For this, small risk control measures need to be implemented in Upskilled. This risk is worth considering, but a strict response is not warranted; rather, a minor treatment will be enough to mitigate the chances of occurrence of the risk.
4. Treatment of the risk: This is the stage which involves referring to the risk response planning for the identified risk. As this risk is identified to be of moderate magnitude, no vigorous planning is required for it. The plans here are required to be made over record management, backup and security of data and will be submitted in the next board meeting. This includes strict compliance with the data protection regulation and recording and storing the data accordingly. Also, access to data will be restricted by installing a password, which will be given only to senior authorities and to those personnel who require frequent access for work-related operations (The Risk Management Process-A Practical Technique for Identifying Risks, 2019). To reduce the consequences of the risks related to record management, an effective system needs to be applied in Upskilled so as to mitigate the chances of unauthorised access to the data. The data recording system must be one where data is kept safe with no external access; this will help mitigate the risk related to security of information as well as breach of confidentiality within the organisation. The risk is entered in the risk management register as moderately serious, requiring low-level effort to reduce the chances of its occurrence as well as to mitigate the potential consequences.
5. Monitoring the risk:
This is the last stage of the risk management process, where the implementation of the plans and procedures is looked into and the gaps are identified. Reviews, feedback and suggestions are also taken to see the level of implementation and the effectiveness of the measures taken. For the plans and actions taken for the risk of record management, monitoring will be done by recording the progress in the Risk register of Upskilled. Here the data recording will be evaluated by seeing how effectively the data is recorded and stored as per data protection regulations (Giannakis and Papadopoulos, 2016). Apart from this, the system on ingratiation access will also be reviewed, and feedback from management and relevant employees will be taken on the effectiveness of the plan and how effective its implementation is. This will be done so that the efficiency of the risk management can be seen, that is, whether the plan is a success in mitigating or minimising the risk related to record management over the security threat and confidentiality breach. With the monitoring stage the risk management process for a risk comes to an end, and monitoring continues over a period to check the effectiveness and ensure implementation of the risk management plan in Upskilled.
II. Procedure for mitigating the risk of data breach:
The risk management process is not confined to the identification of a single risk; rather, it aims at determining and evaluating the risks which prevail in the organisation and can have a major impact on the company's performance and objectives in either the long or short term. In this process the risk management team has identified another risk for Upskilled, which is explained below:
1. Identification of risk: The second risk identified for Upskilled relates to data breach, which means the organisation's data being accessed and used by an unauthorized person, which directly reflects on the effectiveness of the data protection of the business. With the incident of the trainee's laptop being stolen while meeting a client, the seriousness of the event was recognized, as the data and personal information were left vulnerable to being misused (Kliem and Ludin, 2019). The risk of data breach can be defined as illegal access to the data and breaking into the security system of the organization to gain unauthorized access to the information. The risk of data breach has the potential to affect the working pattern of Upskilled and raises a question over how effectively it handles data and information and what lags are faced while implementing security over data access.
2. Analysis of the risk: The risk of data breach has been given a high likelihood of occurrence and is identified as a higher-level risk. Data breach is a risk with high occurrence potential, as can be seen from the past event of the laptop stolen from the trainee of Upskilled (Tupa, Simota and Steine, 2017). This has made the risk more prominent, as the data and private information of Upskilled's clients have gone into the wrong hands and there is a chance that the information can be used for illegal and wrong purposes. This risk can have a direct impact on the working of the organisation and can raise a question over the functioning of the company. The consequences are many, and the biggest one is letting the clients' private data and information fall into the hands of an unknown person who can misuse it; this raises the risk for clients and calls into question the trust they have put in Upskilled.
3. Evaluation of risk: The risk of data breach is evaluated by determining the ranking of the risk, which is assigned as 4.5 out of 5. This means the risk is very high and can have a negative impact on the organisation's reputation and working style (Aven, 2016). The combined evaluation of the likelihood of occurrence and the potential consequences has determined this risk to have a higher level of impact on the working pattern of the organisation.
4. Treatment of the risk: Risk is uncertain; here the risk has occurred due to the loss of hardware containing all the personal information and data of the clients, which can lead to misuse of that data and information by another person. It is necessary to treat the risk once it has been analysed and evaluated in the form of planning. During this stage, treating the risk needs considerable planning, both to treat the risk and to solve the problems that have arisen for the organization (Bessis, 2015).
There are many ways of mitigating the risk of data breach, reducing the probability of negative risks and thereby enhancing the opportunities of Upskilled. Treatment also creates strategies for reducing the risk and plans for preventing it. Making these strategies helps to prevent the risk, measure risks by highest ranking and analyse the most serious risks of the organization (Hopkin, 2018).
5. Monitoring the risk: All risks are monitored by the legal team and risk management committee, who identify the occurrence of risk and how to prevent it in a better manner. Monitoring the risk means the committee tracking and reviewing it, and the legal team and risk management committee working to find solutions for reducing the risk to the organisation. Tight security is needed to secure the data and information of the organization so that it cannot be misused and major risks to the company are prevented.
It generally means monitoring by the risk management team and legal committee in order to prevent risks and problems. Many risks have occurred over time in the organization, and the organization's management has come up with many strategies and plans to monitor these risks and secure its own personal data and information as well as that of its clients (Mechler and Schinko, 2016).
III. Procedure for mitigating the risk of loss of records
1. Identification of risk: When records and data have been damaged or lost, Upskilled has identified this as a major risk for clients, because all the information and data is lost and can be accessed in an unauthorized manner, leading to misuse of clients' data. It is important to identify all the risks that arise when data and information are lost (Waemustafa and Sukri, 2016).
Many things are affected by losing data, because it directly affects the outcomes of Upskilled. There are many tools and techniques for identifying the risks to the recorded data of the overall organization. This is the first and foremost step of risk management; many risks arise from the theft of data and information, and sometimes it is harmful for Upskilled to lose data and information (Ford et al., 2018).
2. Analysis of the risk: It is necessary and significant to analyse the risk because this determines the consequences and likelihood of each risk that occurs when data and information are stolen or lost. Upskilled has to develop an understanding of how the risk arises, because it directly affects the goals and objectives of the organization. Risk analysis is a procedure that helps in finding and managing the potential problems and conflicts that affect the initiatives taken by the business. To carry out the analysis, Upskilled must identify the possible threats it faces and estimate the likelihood that those threats will materialise. The analysis also identifies the negative impact of the risk and helps the company to avoid and mitigate those risks (Bouwer, 2019).
3. Evaluation of risk: The risk is evaluated and ranked by determining its magnitude, which is the combination of the consequences and the likelihood. This leads to a decision on whether the risk is acceptable or too serious to accept. Risk evaluation allows Upskilled to determine its important risks and decide whether a particular risk is accepted; actions are then taken according to the evaluation in order to reduce the risk to the organization. Evaluating the risk considers the probability and consequences of each risk in the organization (Choi, Park and Kim, 2019).
4. Treatment of the risk: This is the fourth step of risk management, where the treatment of the risk is carried out. It refers to planning the response to the risk. During this stage the highest-ranked risks are assessed and plans are set out for treating them. Risks are also modified to achieve acceptable risk levels for the organization. This reduces the probability of the risk and of the negative risks that have occurred.
In this stage, all the strategies, contingency plans and prevention plans are made for reducing the risk. Several treatments are needed when managing the risk; for example, the organization has to improve the security of the data and information it has collected, and has to build software for its hardware so that the data cannot be hacked by any other person when the device is lost (Lane, 2019). It needs to be assessed that all the data is being kept by Upskilled under tight security; overall, Upskilled needs data protection and has to install software which protects the data after the device is lost so that it cannot be hacked by anyone.
5. Monitoring the risk: This is the last stage, where the data is entered into the risk register and used for monitoring. Here the risks of the organization, including those that occur randomly, are reviewed and tracked. Risk is all about uncertainty, and risk management puts a framework around the uncertainty in the organization. This means that Upskilled can move forward with much more confidence in achieving its goals and objectives, by identifying and managing a comprehensive list of the risks that arise. The risk management procedure always helps Upskilled to solve the problems that have occurred, because problems occur randomly (Lopez, Surminski and Serdeczny, 2019).
Risk monitoring basically means controlling and tracking risk; it includes residual risk, identification of risk and new risks that arise randomly. It monitors the execution of all the planned strategies and evaluates their effectiveness against the risk of losing data. Monitoring and reviewing of risk should be planned and is a main part of risk management, including regular checking of risk occurrence and management. There are many changes which have been evaluated for