A little-known aspect of risk management is the practice of visually mapping risks as a conceptual and cognitive tool. Using a variety of risk maps across the enterprise, within the overall context of a risk assessment process, can help IT departments forecast areas of vulnerability and act accordingly. Make risk mapping a valuable part of the IT department's skill set.

What Is Risk Mapping?

Risk mapping is a method of graphically portraying exposure to risk using two basic characteristics of risk: probability and consequence. These fundamental concepts help define business or IT risks and also serve as a foundation for dealing with risk. To better understand the importance of risk assessment, refer to the McLean Report research note, “Why You Need Formal Risk Management.” For an example of a basic risk map identifying threats that an IT department might encounter, see Figure 1.

Related Content

Hide Details

Search Code: 6012
Published: December 2, 2008
Last Revised: December 2, 2008


Get Access

Get Instant Access
To unlock the full content, please fill out our simple form and receive instant access.