business oriented risk assessment methodology iag
TRANSCRIPT
Business Oriented Risk Assessment & Management Methodology BRIAN KEITH SEITZINTELLECTUAL ARBITRAGE GROUP
Approach
Address elements of risk: Likelihood of Failure Consequence of Failure
To aid in prioritizing mitigation and avoidance strategies.
Brian Keith SeitzIntellectual Arbitrage Group.
Risk Elements
Likelihood of Failure Complexity Probability
Consequence of Failure Catastrophic (Human loss or injury) Critical (degrades business system beyond acceptable
limits, create shut-down or significant business loss ) Major (degrades business system beyond acceptable
limits, create business loss) Minor (doe not degrade business system beyond
acceptable limits)
Brian Keith SeitzIntellectual Arbitrage Group.
Determine Criticality
Brian Keith SeitzIntellectual Arbitrage Group.
When does a process failure become critical ?
• Time to critical effect to business• Time to repair and recover
What are the core Business processes ?• What must keep operating and when ?
Identify technology failure’s organizational effect
Brian Keith SeitzIntellectual Arbitrage Group.
• Map Technology to processes• Determine technology path fitness• Determine technology network risk
Risk Assessment Methodology
Brian Keith SeitzIntellectual Arbitrage Group.
Effect
Priority
Identify Business Processes
DetermineCritical Processes
IdentifySupporting Technology
DetermineTechnology’
Organizational Impact
Characterize Business Processes