O'Reilly logo

Business Continuity Management: In Practice by Stuart Hotchkiss

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Risk lifecycle

Below is the recommended cycle of events:

Figure 5.1 Lifecycle of risk analysis and management

The above cycle works on a regular basis. Once per year or every two years should suffice. Some regulations say or imply that this should be yearly but the more common view, and one which an auditor would like to see, is that the risk exercise is done at least every two years or when there are major changes in perceived threats.

The steps are these:

Review threats with stakeholders to agree risk areas

Go through an exercise with stakeholders and, in particular, the functional departments to agree which areas of threat represent areas ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required