<Final Draft >
TABLE OF CONTENTS
1 INTRODUCTION 1
1.1 Purpose 1
2 risk management Procedure 1
2.1 Process 1
2.2 Risk Identification 1
2.3 Risk Analysis 1
2.3.1 Qualitative Risk Analysis 1
2.3.2 Quantitative Risk Analysis 1
2.4 Risk Response Planning 1
2.5 Risk Monitoring and Controlling 1
3 Tools And Practices 1 risk management plan approval 2
APPENDIX A: REFERENCES 3
APPENDIX B: KEY TERMS 4
The purpose of risk management procedure is to properly guide a risk manager through the process of examining possible risk.
The steps necessary for responding to risk are: Analyze Evaluate Control
Analyze the current state of the IT network. What are the vulnerable points and what are the strong points. Where, when and how these risk can and will occur.
Evaluate what can happen if these risk occur and what will be the action taken to eliminate these risk.
Control the risk by stopping it and creating barriers to lessen and or eliminate the occurrence.
1.3 Risk Identification
The steps necessary for risk identification are: Identifying potential loss exposures Identifying common risks Security standards Continual risk identification
Identify potential losses and how they may harm the project. Once the risks have been identified, implement security standards which control and monitor the risks.
Continual risk identification strategies are to be put in place to continue to identify potential risks.
1.4 Risk Analysis
[Summarize the risk analysis process.]
1.4.1 Qualitative Risk Analysis Used risk probability to determine the ramifications, the likelihood and