
Information Technology (IT) Risk Management


Information Technology (IT) Risk Management is the process by which IT managers balance the economic and operational costs of protective measures against the nominal gains in capability achieved by protecting the data and information systems that support an organization's operations.

As a general rule, risk is defined as the product of the likelihood of occurrence and the impact an event could have. In IT, however, risk is defined as the product of the asset value, the system's vulnerability to that risk and the threat it poses for the organization.

IT risks are managed according to the following steps:

  1. Assessment: Each risk is discovered and assessed for severity.
  2. Mitigation: Countermeasures are put in place to reduce the impact of particular risks.
  3. Evaluation and Assessment: At the end of a project, the effectiveness of any countermeasures (along with their cost-effectiveness) is evaluated. Based on the results, actions will be taken to improve, change or keep up with the current plans.

Source: https://www.techopedia.com/definition/25836/it-risk-management

dido/public/ra/xapend/xapend.a_glossary/i/it_risk_management.txt · Last modified: 2022/04/12 18:51 by nick