Being aware of IT’s greatest risks is not enough.

This phase will help you:

  • Actively monitor threats and vulnerabilities.
  • Identify risk response actions that will address top risks.
  • Perform cost-benefit analyses to assess the effectiveness and appropriateness of risk responses.
  • Create a strong paper trail and obtain sign-off for key risk recommendations.
  • Communicate IT risk management up to senior leadership and down to IT personnel.

Also In

Build a Business-Driven IT Risk Management Program

Hope is not a risk management strategy.

Related Content


Get Access

Get Instant Access
To unlock the full content, please fill out our simple form and receive instant access.