photo by: vladimir tatarevic

IT Risk Management

Continuous monitoring of IT risks in accordance with the dynamics of changes in the business and IT environments is important issue to all organizations in which business processes are critically dependent on information technology.

IT risk management process as a part of the comprehensive risk management system in an organization should include the following: 

  • risk identification
  • measurement
  • assessment
  • mitigation
  • monitoring and control.

Belox is providing consultancy services in the following areas:

  • methodology for IT risk management
  • definition of IT Risk Management Process
    • definition of roles and responsibilities across the organization related to IT risk management
    • establishment of risk register
  • risk evaluation
    • collect data: prepare risk scenarios, conduct risk-identification workshop, establish process touch points for risk updating and link the impact assessment with the business impact analysis (BIA)
    • analyze risk: use a standard table for defining likelihood and Impact
    • maintain risk profile: update and maintain the risk register to develop the risk profile by aggregating departmental risk
  • risk response
    • articulate risk: establish a process for defining risk response and communicating to stakeholders
    • manage risk: maintain a control catalog with risk mapping, and define the review process
    • react to events: establish a link to incident management, change management and operations management to review risk.
  • training and couching activities.

Business is more exciting than any game.

Lord Beaverbrook