Risk register

When we look at the overall risk for the company we will use a risk register. This is a list of all of the risks a company could face. The risk to the finance department with be assessed by a the financial director and IT—related risk would be looked at by the IT manager. Each department can identify the assets, classify them, and decide on the risk treatment. The financial director and IT manager are known as risk owners—they are responsible for them:

Ser

Date

Owner

Description

Probability

Impact

Severity

Treatment

Contingency

Action taken

1

01/05/18

IT Manager

Loss of Switch

Low

High

High

Transfer—2—hour fix SLA

Purchase spare switch

02/05/2018

Get CompTIA Security+ Certification Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.