Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

Do you adequately assess risk in your service operations strategy and develop plans to reduce risks? If yes, how?

user-image
Question added by Deleted user
Date Posted: 2017/01/31
Deleted user
by Deleted user

Employ a Risk Management Framework. NIST SP-  defines a six-step RMF process that begins with categorizing your system, selecting safeguards and countermeasures, implementing these controls, assessing them for effectiveness and monitoring them to get real time psoture of your system and to maintain an acceptable level of risk. Incoorporating the RMF into the system or business devcelopment life cycle, reduces risks and cost of mitigating the risks that may show up later.

Assessing risk should happen through out this process as you develop the system or business with a risk assessment methodology that characterizes your system, checks for threats and vulnerabilities, determines impact if the threat was to exploit the vulnerability, consider the likelihood of that happening.  Risk is a function of threat and vulnerable.  Once risk is determined develop a point of action and milestones to address the risks that are unacceptable. 

Data collection is key to risk assessment. Use all available, ethical methods at your disposal to collect data on the systems about the description, criticality, sensitivity, etc. to contribute. Better still use and automated tool like OCTAVE, RiskWatch, etc for assessing risk in information systems and the information they contain.

Maher Ahmad
by Maher Ahmad , Head of Planning and Training Division , MOH

Thank you for the invitation.

This is one of the secret of our Organisation.

Sorry

DR MD ANWAR HOSSAIN
by DR MD ANWAR HOSSAIN , Moderator , bayt.com

Thank you for your invitation. I agree with colleagues answer & looking forward to new answer.

Ashraf E. Mahmoud (PhD)
by Ashraf E. Mahmoud (PhD) , University Lecturer, Freelancer Consultant and Trainer for Int'l Business & Banking TF. , FreeLancer

Thanks for invitation,

Yes of Course, this usually handling by the specialized "Risk Management " people, whom they are focusing and mentoring all types of risk and ensure how to mitigate in order to minimize its effect toward the organization. 

Asim Ali Khan
by Asim Ali Khan , Human Resources Director , Arab Media Group

Thank you for inviting me. I agree with our specialists here...................

Marwan Mohamed Mahmoud Ahmed
by Marwan Mohamed Mahmoud Ahmed , Projects scheduling and Controlling Manager , WE - Telecom Egypt

first we assess risks by using various techniques as ( brainstorming - meeting - expert judgment ......) 

after that we select the Risk owner and the Risk actionee then do the risk management plan 

 

after some milestones we assess and verify the risk effect ( periodically) ( high - moderate - low )

Omar Saad Ibrahem Alhamadani
by Omar Saad Ibrahem Alhamadani , Snr. HR & Finance Officer , Sarri Zawetta Company

Thanks 

I support the answer which given by colleague obaid 

Obaid ur Rehman
by Obaid ur Rehman , HR Executive , Al Bahr Al Arabi Marine Engineering Services

Yes. Strategy is always good if we have change margin in it according to the situations. Just analyze the situations, get updated to change to have idea about type and nature of  risk in future and the other ways and procedures to reduce it. It can be a team effort as well.