Print this chapterPrint this chapter

Risk Management

Instruction

The Risk Management Process

The risk management process consists of three stages:

  • Risk analysis/assessment. This stage is designed to inventory or identify risk and classification of risk. Within the first stage, each risk event identified is recorded and examined to determine likelihood, current value of the asset and vulnerability exposure.

  • Risk response. The risk response stage requires the planning of processes and procedures to address each risk item identified in the first stage. These processes and procedures are typically called controls.

  • Evaluating and monitoring the implemented controls. This stage requires the organization to document, review and make continuous improvements or changes to manage risk.

Figure 2 – The risk management process