Essay about Characteristics Of Good Risk Scenarios
It is very important for risk scenarios to be realistic and unbiased so that the management feel assured while taking decisions. According to COBIT (2014), a risk scenario should have the following characteristics to add real value to risk analysis.
• Relevance – Scenarios should be result in derivation of meaningful information that would help support decision making. The scenarios needs to be customized as per the market and industry in which the organization operates to improve the relevance of the scenario.
• Consistency – Each scenario must be complete and convincing by itself.
• Plausibility – The risk scenarios should be believable.
• Likelihood – There should be certain probability for the scenario to occur
• Timely – Scenarios must be relevant to the current trends and events.
5.3 Associating Risks to Risk Categories and Risk Types
Once the risk scenarios have been established, it is important to classify the risks into categories like Security policy, internal control, organization, environmental, information risk management etc., and also associate each risk to a risk type (Moeti & Kalema, 2014). Categorizing and associating risks with risk types would aid management to prioritize the risks that needs to be mitigated, and make investment decisions required to implement controls to tackle the threats and vulnerabilities in the organization IT landscape.
According to COBIT (2014), each risk scenario can be associated to any…