The next step is to translate the risk assessment into a risk mitigation plan. The mitigation plan will include the details on how and when to implement the countermeasures.
Here are three important considerations when developing the mitigation plan:
- Cost to implement the countermeasures
- Time to implement the countermeasures
- Operational impact of the countermeasures
Many of the countermeasures to be implemented will need to be purchased. Therefore, being able to accurately identify the costs of these countermeasures is important. On the surface, the cost of the countermeasure may be simple to calculate. However, there are frequently hidden costs.
Costs can include ...