ابدأ بالتواصل مع الأشخاص وتبادل معارفك المهنية

أنشئ حسابًا أو سجّل الدخول للانضمام إلى مجتمعك المهني.

متابعة

Do you adequately assess risk in your service operations strategy and develop plans to reduce risks? If yes, how?

user-image
تم إضافة السؤال من قبل مستخدم محذوف‎
تاريخ النشر: 2017/01/31
مستخدم محذوف‎
من قبل مستخدم محذوف‎

Employ a Risk Management Framework. NIST SP-  defines a six-step RMF process that begins with categorizing your system, selecting safeguards and countermeasures, implementing these controls, assessing them for effectiveness and monitoring them to get real time psoture of your system and to maintain an acceptable level of risk. Incoorporating the RMF into the system or business devcelopment life cycle, reduces risks and cost of mitigating the risks that may show up later.

Assessing risk should happen through out this process as you develop the system or business with a risk assessment methodology that characterizes your system, checks for threats and vulnerabilities, determines impact if the threat was to exploit the vulnerability, consider the likelihood of that happening.  Risk is a function of threat and vulnerable.  Once risk is determined develop a point of action and milestones to address the risks that are unacceptable. 

Data collection is key to risk assessment. Use all available, ethical methods at your disposal to collect data on the systems about the description, criticality, sensitivity, etc. to contribute. Better still use and automated tool like OCTAVE, RiskWatch, etc for assessing risk in information systems and the information they contain.

Maher Ahmad
من قبل Maher Ahmad , Head of Planning and Training Division , MOH

Thank you for the invitation.

This is one of the secret of our Organisation.

Sorry

DR MD ANWAR HOSSAIN
من قبل DR MD ANWAR HOSSAIN , Moderator , bayt.com

Thank you for your invitation. I agree with colleagues answer & looking forward to new answer.

Ashraf E. Mahmoud (PhD)
من قبل Ashraf E. Mahmoud (PhD) , University Lecturer, Freelancer Consultant and Trainer for Int'l Business & Banking TF. , FreeLancer

Thanks for invitation,

Yes of Course, this usually handling by the specialized "Risk Management " people, whom they are focusing and mentoring all types of risk and ensure how to mitigate in order to minimize its effect toward the organization. 

Asim Ali Khan
من قبل Asim Ali Khan , Human Resources Director , Arab Media Group

Thank you for inviting me. I agree with our specialists here...................

Marwan Mohamed Mahmoud Ahmed
من قبل Marwan Mohamed Mahmoud Ahmed , Projects scheduling and Controlling Manager , WE - Telecom Egypt

first we assess risks by using various techniques as ( brainstorming - meeting - expert judgment ......) 

after that we select the Risk owner and the Risk actionee then do the risk management plan 

 

after some milestones we assess and verify the risk effect ( periodically) ( high - moderate - low )

Omar Saad Ibrahem Alhamadani
من قبل Omar Saad Ibrahem Alhamadani , Snr. HR & Finance Officer , Sarri Zawetta Company

Thanks 

I support the answer which given by colleague obaid 

Obaid ur Rehman
من قبل Obaid ur Rehman , HR Executive , Al Bahr Al Arabi Marine Engineering Services

Yes. Strategy is always good if we have change margin in it according to the situations. Just analyze the situations, get updated to change to have idea about type and nature of  risk in future and the other ways and procedures to reduce it. It can be a team effort as well.