Translating a Risk Assessment into a Risk Mitigation Plan

The next step is to translate the risk assessment into a risk mitigation plan. The mitigation plan details how and when to implement the countermeasures.

Here are three important considerations when developing the mitigation plan:

  • Cost to implement the countermeasures
  • Time to implement the countermeasures
  • Operational impact of the countermeasures

Cost to Implement

Many of the countermeasures to be implemented will need to be purchased, so it is important to identify their costs accurately. On the surface, the cost of a countermeasure may be simple to calculate. However, there are frequently hidden costs.

Costs can include ...

Get Managing Risk in Information Systems, 3rd Edition now with O’Reilly online learning.
