Section 9.83 Risk Identification Flashcards
Objective 5.2: Explain elements of the risk management process
Risk Identification
■ Crucial first step in risk management which nvolves recognising potential risks that could impact an organization
■ Risks can vary from financial and operational to strategic and reputational
Risk Identification
Techniques
● Brainstorming
● Checklists
● Interviews
● Scenario Analysis
■ Organization should consider a wide range of risks, including operational, financial, strategic, and reputational risks
■ Document and analyze risks based on impact and likelihood
Business Impact Analysis (BIA)
Process that involves evaluating the potential effects of disruption to an oganisations business functions and processes
■ Identifies and prioritises critical functions
■ Assesses impact of risks on functions
■ Determines required recovery time for functions after disruption
Key Metrics in Business Impact Analysis
Recovery Time Objective (RTO)
○ Maximum acceptable time before severe impact
○ Target time for restoring a business process
Key Metrics in Business Impact Analysis
Mean Time to Repair (MTTR)
○ Average time to repair a failed component or system
○ Indicator of repair speed and downtime minimization
Key Metrics in Business Impact Analysis
Recovery Point Objective (RPO)
○ Maximum acceptable data loss measured in time
○ Point in time data must be restored to
Key Metrics in Business Impact Analysis
Mean Time Between Failures (MTBF)
○ Average time between system or component failures
○ Measure of reliability