Risk Assessment / Risk Management

As a business grows so does its IT use. Unless agreements, controls and procedures are put in place at an early stage it is all too easy for uncontrolled organic dependence of IT to develop. That is not to say that the use of IT should be placed an a series of straight-jackets, it is there to make life easier and to help your business grow. Creative use of IT can give you that competetive edge. Rather that how staff use IT need to me taken account of and any potential hazards mitigated.

There are all too many stories of laptops being found on trains containing with the personal details of thousands of people. There may have been legitimate reasons to have those data and if this had been highlighted as part of a review some remedial action such as encrypting the hard disc could have been taken.

Even with formal procedures and audits in place it is sometimes useful to get in a fresh pair of eyes to look at things with a new perspective.

Depending on the size of your business and reliance on IT the process and scope of assessing your IT risks will be different.

Probable areas to cover are: Licencing Disaster Planning/Recovery Backup and Restore Supply Chain/Support Agreements Real world vs intended use of systems Security