Step 12. Dealing with Risk
Assess Risk frequently and/or prior to entering the next phase of a project or activity.
- List ‘risks’ on a matrix, assign a severity value to each risk.
- Colors can be assigned to signify the level of risk.
- A high risk must have a plan, a medium risk should have a plan and a low risk need not have a plan.
Risk Categories for a project might be;
- Complexity
- Plan
- Customer
- Project Team
Additional categories might include; Finance, Physical Security, Cyber Security, and Safety. Do not restrain the categories.
Use the same concept for Business Continuity and Disaster Recovery plans. More detail will be required for these activities.