logging in or signing up Risk Management ShivaniTomer Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 324 Category: Business & Fin.. License: All Rights Reserved Like it (0) Dislike it (0) Added: April 09, 2011 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript IT RISK MANAGEMENT - PRACTICAL APPROACH: IT RISK MANAGEMENT - PRACTICAL APPROACH Presented By- Shivani TomerWHAT IS RISK : WHAT IS RISK Risk is the likelihood that the hazard will cause harm or loss , together with the severity of that harm or loss . Risk management- “The total systematic process to identify, control, and manage the impact of uncertain harmful events, commensurate with the value of the protected assets.” “Today’s risk might be tomorrow’s Problem”IT & Practical approach: IT & Practical approach A practical approach to Risk management will accommodate flexibility and adaptability to diverse software projects by stressing early prototyping, frequent functional builds, and a set of metrics to provide management insight during software development . IT is the area of managing technology and spans widevariety of areas that include but are not limited to thingsuch as processes, computer software , information systems , computer hardware , programming languages , and data constructs.IT includes anything that renders data, information or perceived knowledge .Need of it risk management:- : Need of it risk management :- Higher education’s network infrastructure is both a direct target and a source of hijacked bandwidth IT security efforts are required at all network levels -- difficult to manage More sophisticated and dangerous exploits and attacks are released daily Potential for terrorist attacks or natural disastersRoles of it risk management: Roles of it risk management Risk management as an opportunity not just to protect the firm, but to drive improvements in IT management and business outcomes IT executives can use risk to justify important investments that might not have a clear financial return. IT managers can improve alignment and understanding, both in IT and the business, by discussing IT risk considerations in terms of four key enterprise risks: - Availability, Access, Accuracy &Agility.IT-RM INCLUDES.. : IT-RM INCLUDES.. IT Mission Impact Analysis IT Risk Assessment IT Mission Continuity Planning Evaluation and ReassessmentRISK HANDLING: RISK HANDLINGIT RISK MANAGEMENT LIFECYCLE: IT RISK MANAGEMENT LIFECYCLERISK MANAGEMENT TECHNIQUES: RISK MANAGEMENT TECHNIQUESThree disciplines:: Three disciplines : Organizations build effective IT risk management capability through three disciplines : A ) Foundation : A base of infrastructure, applications and supporting personnel which is well-structured, well-managed, and no more complex than absolutely necessary. B) Risk governance process : Procedures and policies that provide an enterprise-level view of all IT risks, so that managers can prioritize risks and invest appropriately. C) Risk aware culture : A culture in which everyone has appropriate knowledge of risk, and in which open, non-threatening discussions of risk are the norm.possible methods for handling risk:-: possible methods for handling risk:- Strong support of executive management Design team composed of members from throughout the University to develop a comprehensive, centralized program Identify common IT security risks and put together a process and templates for departments to use Individual departments review those common risks, determine what specific risks exist for inclusion into the processUSING RISK MANAGE MENT.. : USING RISK MANAGE MENT.. The starting point is the Action Plan : Allocate responsibilities, e.g., a Risk Management Champion and a working party. Evaluate how Risk Management processes can be best applied in your national environment. Survey existing skills and do a training needs assessment. Catalogue existing sources of data or information that can help in identifying risks.…..continued……. : …..continued……. Flow chart existing processes. Communicate and consult – within Customs, with other Agencies, the trading community and transport industry. Obtain IT tools or set up processes for effectively operating a selectivity system. Provide training in profiling/selectivity skills. Test and gain confidence in the Risk Management process.Planned IT Security Risk Management Program: Planned IT Security Risk Management Program University-wide, including Medical Center Information on current threats, templates, checklists, and other guidance provided Four steps of program: IT Mission Impact Analysis IT Risk Assessment IT Mission Continuity Planning Evaluation and Reassessment: “Technology………… is a queer thing. It brings you great gifts with one hand, and it stabs you in the back with the other.” You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
Risk Management ShivaniTomer Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 324 Category: Business & Fin.. License: All Rights Reserved Like it (0) Dislike it (0) Added: April 09, 2011 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript IT RISK MANAGEMENT - PRACTICAL APPROACH: IT RISK MANAGEMENT - PRACTICAL APPROACH Presented By- Shivani TomerWHAT IS RISK : WHAT IS RISK Risk is the likelihood that the hazard will cause harm or loss , together with the severity of that harm or loss . Risk management- “The total systematic process to identify, control, and manage the impact of uncertain harmful events, commensurate with the value of the protected assets.” “Today’s risk might be tomorrow’s Problem”IT & Practical approach: IT & Practical approach A practical approach to Risk management will accommodate flexibility and adaptability to diverse software projects by stressing early prototyping, frequent functional builds, and a set of metrics to provide management insight during software development . IT is the area of managing technology and spans widevariety of areas that include but are not limited to thingsuch as processes, computer software , information systems , computer hardware , programming languages , and data constructs.IT includes anything that renders data, information or perceived knowledge .Need of it risk management:- : Need of it risk management :- Higher education’s network infrastructure is both a direct target and a source of hijacked bandwidth IT security efforts are required at all network levels -- difficult to manage More sophisticated and dangerous exploits and attacks are released daily Potential for terrorist attacks or natural disastersRoles of it risk management: Roles of it risk management Risk management as an opportunity not just to protect the firm, but to drive improvements in IT management and business outcomes IT executives can use risk to justify important investments that might not have a clear financial return. IT managers can improve alignment and understanding, both in IT and the business, by discussing IT risk considerations in terms of four key enterprise risks: - Availability, Access, Accuracy &Agility.IT-RM INCLUDES.. : IT-RM INCLUDES.. IT Mission Impact Analysis IT Risk Assessment IT Mission Continuity Planning Evaluation and ReassessmentRISK HANDLING: RISK HANDLINGIT RISK MANAGEMENT LIFECYCLE: IT RISK MANAGEMENT LIFECYCLERISK MANAGEMENT TECHNIQUES: RISK MANAGEMENT TECHNIQUESThree disciplines:: Three disciplines : Organizations build effective IT risk management capability through three disciplines : A ) Foundation : A base of infrastructure, applications and supporting personnel which is well-structured, well-managed, and no more complex than absolutely necessary. B) Risk governance process : Procedures and policies that provide an enterprise-level view of all IT risks, so that managers can prioritize risks and invest appropriately. C) Risk aware culture : A culture in which everyone has appropriate knowledge of risk, and in which open, non-threatening discussions of risk are the norm.possible methods for handling risk:-: possible methods for handling risk:- Strong support of executive management Design team composed of members from throughout the University to develop a comprehensive, centralized program Identify common IT security risks and put together a process and templates for departments to use Individual departments review those common risks, determine what specific risks exist for inclusion into the processUSING RISK MANAGE MENT.. : USING RISK MANAGE MENT.. The starting point is the Action Plan : Allocate responsibilities, e.g., a Risk Management Champion and a working party. Evaluate how Risk Management processes can be best applied in your national environment. Survey existing skills and do a training needs assessment. Catalogue existing sources of data or information that can help in identifying risks.…..continued……. : …..continued……. Flow chart existing processes. Communicate and consult – within Customs, with other Agencies, the trading community and transport industry. Obtain IT tools or set up processes for effectively operating a selectivity system. Provide training in profiling/selectivity skills. Test and gain confidence in the Risk Management process.Planned IT Security Risk Management Program: Planned IT Security Risk Management Program University-wide, including Medical Center Information on current threats, templates, checklists, and other guidance provided Four steps of program: IT Mission Impact Analysis IT Risk Assessment IT Mission Continuity Planning Evaluation and Reassessment: “Technology………… is a queer thing. It brings you great gifts with one hand, and it stabs you in the back with the other.”