Throughout all phases of risk management planning, the specific topic of discussion will be risk identification, awareness and communication. Risk Identification consists of determining which are likely to have an effect on the organization, and documenting the characteristics of each risk. Risk Awareness requires that all Defense Logistics Information employees and contractors be aware of what constitutes a risk and specific events or factors that could potentially impact the organization in a negative way.
Risk communication involves bringing risk factors or events to the attention of the IT Manager. It is the responsibility of Defense Logistics Information Services IT Manager to assist stakeholders with risk identification as well as documenting the identified risks. Defense Logistics Information Services IT department will address any new risk factors or events, and review them with the IT Manager during the monthly risk assessment meeting. Risk Responsibilities The responsibility of managing risk is shared amongst all stakeholders.
The decision authority for choosing whether to proceed with mitigation strategies is the Defense Logistics Information Services directors. Below are the specific responsibilities assigned for the different aspects of risk management (Northrop Grumman, 2007).
Risk Assessment Risk assessment involves two factors: determining the probability that a risk will occur, and the impact the risk would have if it does occur. Assessment of risk probability is the measurement of certainty that a risk will occur, and will be assigned a probability percentage from 1% to 100%.
The Term Paper on Evaluation of Comptronix Corporation: Identifying Inherent Risk and Control Risk Factors
1. Professional auditing standards present the audit risk model, which is used to determine the nature, timing, and extent of audit procedures. Describe the components of the model and discuss how changes in each component affect the auditor’s need for evidence. The audit risk model is used to determine the nature, timing, and extent of substantive audit procedures. The components of audit risk ...
A risk with no probability of occurring will be assigned a 1% probability, while a risk probability of 100% will be assigned to a risk event that has occurred. Assessment of risk impact should use a quantitative method whenever it is possible. The estimated cost, potential delays and reduction of quality are factors that can be estimated and documented in the risk statement. Risk Response For each risk identified a response must also be identified. It is the responsibility of the Defense Logistics Information Services directors to select the response for each risk.
Using the best possible assessment of the risk and the response options, the Defense Logistics Information Services directors can select the right response for each risk. The probability of a risk event occurring, and the impacts should it occur, will be the basis for determining which actions should be taken to mitigate the risk. One way to evaluate mitigation strategies is to multiply the risk cost times the probability of occurrence (Gibson, 2011).
Mitigation strategies that cost less than risk probability should be given great consideration.
Possible responses to risk are: * Avoidance – Change processes and objectives to avoid the risk. * Transference – Shift the impact of the risk to a 3rd party (i. e. contractor, insurance company).
Transferring the impact does not eliminate the risk, it simply shift responsibility. * Mitigation – Take steps to reduce the probability and impact of a risk. Mitigation may include early identification of risks, close monitoring, and auditing * Acceptance – Choosing to accept a risk is stating that with the probability of occurrence and the associated impact, no action will be taken.
The Term Paper on Risk Management Plan
... impact or probability of occurring. This may include prototyping, adding tasks to the project schedule, adding resources, etc. Any secondary risks that result from risk mitigation response ... of the risk response, if a risk event occurs. Participate in the review, re-evaluation, and modification of the probability and impact for each risk item on ...
If the risk event occurs, Defense Logistics Information Services directors will accept the cost and quality impacts caused by the event. Risk Mitigation Risk mitigation involves identifying the various steps to reduce the probability and impact of a risk, as well as the creation of a Business Continuity Plan and a Disaster Recovery Plan to address the risk should it occur. Taking early steps to reduce the probability of a risk occurring may be more effective than repairing damage after a risk has occurred.