Risk Management
Read this page and watch the video to learn more about the purpose of risk management and the four stages of the risk management process. Before you move on, make sure you have a good understanding of the formulas, and that you are able to use the formulas on this page to calculate single loss expectancy (SLE), annual rate of occurrence (ARO), and annual loss expectancy (ALE).
Instruction
Risk Inventory
The risk inventory is done to create a checklist of potential risks to evaluate the likelihood of occurrence. Some organizations develop risk checklists based on past experiences. These checklists can be helpful in building a more comprehensive list. Identifying the sources of risk by category is another method for exploring potential risk. Some examples of categories for potential risks include the following:
- Equipment/Technical
- Human Factors
- System Vulnerabilities
- Malicious Attacks
- Theft
- Weather/Natural Disasters
- Financial/Cost
- Contractual
- Political/Legal
- Environmental/Physical
For example, a human factor risk would include the inability to find an employee with the skills needed to properly complete a task or protect resources.