IT:AD:Risk Asessment
Summary
Notes
- Assess → Respond → Monitor
- Qualitative (High/Medium/Low) v. Quantitive (number based) Assessments
- Business are more Quantitative Numbers.
- Single Loss Expectancy (SLE)
- Annulized Rate of Occurance (ARO)
- Annulised Losss of Of Expectancy (ALE)
Risk Assessment
Likelihood (1-5) versus Consequences (1-5)
Likelihood (Rare|Unlikely|Moderate|Likely|Almost Certain) Consequences (INsignificant|Minor|Sig|Major|Severe)
Low to High..
- ISO-30000-1209
RISKS can be: * Eliminated, Substituted, Controlled (isolation and guarding), Administered (training/work scheduling), Personal Protective Equipement (PPE).
- CCSB: Accept, Avoid, Mitigate, Transfer the risk.