Articles
Welcome to our articles page. You will find articles on various aspects of Information Security and Business Continuity promulgated here. This is done on an ongoing basis for free of cost for your education. We emphasize your cooperation to refrain from redistributing our content for commercial purposes without our prior written consent. However, you are free to use it for your personal (educational and research) purposes or to implement a certain roadmap or strategy in your organization.
We partner with CyAlpha — a Calgary-based Cyber consulting firm, to offer you the above services.
Business Continuity Planning: Conducting the risk assessment and reporting
Once your team has prepared for the risk assessment phase, you should identify the risks to the key processes (and their dependencies, including manpower, office, information and hardware). Once identified, these risks should be analyzed and ultimately their severity and likelihood should be evaluated. These findings should then be discussed with enterprise risk teams, GRC, department heads, presented to the applicable committee(s) and transferred to your enterprise risk management team for tracking.
Business continuity planning: Preparing to conduct the risk assessment
Once the business impact reporting is done, preparation to conduct risk assessment must commence. The scope and context for the risk assessment must be defined and the analysts must be identified. A framework to conduct the risk assessment must be developed or adopted, depending on the availability of such a framework in your organization. Then you need to conduct a workshop with the risk management team to discuss your plan, incorporate their feedback and then present the strategy for this phase of the program to the committee and the champions.