Translating a Risk Assessment into a Risk Mitigation Plan

The next step is to translate the risk assessment into a risk mitigation plan. The mitigation plan will include the details on how and when to implement the countermeasures.

Here are three important considerations when developing the mitigation plan:

  • Cost to implement the countermeasures
  • Time to implement the countermeasures
  • Operational impact of the countermeasures

Cost to Implement

Many of the countermeasures to be implemented will need to be purchased. Therefore, being able to accurately identify the costs of these countermeasures is important. On the surface, the cost of the countermeasure may be simple to calculate. However, there are frequently hidden costs.

Costs can include ...

Get Managing Risk in Information Systems, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.