6. IT Risk

Question 1

Risk

Answer 1

Probability * Impact

Question 2

Two conceptualizations of risk

Answer 2

• Risk as probable negative impact
• Risk as both negative and positive impact
  - Downside risk
  - Upside risk

Question 3

IT Risk

Answer 3

Potential for an unplanned event involving IT to threaten an enterprise objective.

Question 4

4A Framework

Answer 4

• Accuracy
• Availability
• Agility
• Access

Question 5

3 core disciplines of IT Risk management

Answer 5

1. Foundation: Remove the complexity of IT systems.
2. Create risk governance processes
3. Create a risk-aware culture

Question 6

Lowest priority

Answer 6

Low cost of protection, tolerable downside risk.

Question 7

Bear the risk

Answer 7

High cost of protection, tolerable downside risk.

Question 8

Capitalize costs of risk mitigation

Answer 8

High cost of protection, intolerable downside risk.

Question 9

Mitigate ASAP

Answer 9

Low cost of protection, intolerable downside risk.

Question 10

Crisis response strategies

Answer 10

• Defensive strategy
  - Denial
  - Excuse
• Accommodative strategy
  - Apology
  - Remedial actions
• Moderation strategy
  - Ingratiation
  - Justification
• Image renewal strategy
  - Correction commitment
  - Stakeholder commitment
  - Value commitment

Question 11

High reputable firm stocks

Answer 11

Not affected by crisis responses.

Question 12

Low reputable firm stock

Answer 12

Negatively influenced by: 
      - Defensive strategy
      - Accommodative strategy
Positively influenced by:
      - Moderation strategy
      - Image renewal strategy