Processes

Establish mitigation approaches for IT risks

How establish mitigation approaches for it risks are reshaped as AGI capability advances.

ProcessesEstablish mitigation approaches for IT risks
Establish mitigation approaches for IT risks — illustrated

Related articles

No articles yet for this entity.

Recent capability events

No capability events for this entity yet.

How the work flows

Trigger: An IT risk assessment identifies a vulnerability or threat that exceeds the organization's acceptable risk tolerance.

  1. Review prioritized IT risks and their assessed impact
  2. Evaluate alternative risk treatment options
  3. Design specific control activities and action plans
  4. Estimate costs and resource requirements for proposed controls
  5. Obtain executive approval for the chosen mitigation strategy
  6. Document the approved mitigation plan in the IT risk register

Outcome: A structured, resourced, and management-approved mitigation plan is established to reduce the IT risk to an acceptable level.

Measured by

Mitigation Plan Cycle TimePercentage Of Risks With Mitigation PlansMitigation Cost To Impact Ratio