Risk Assessment In Project Management

1884 Words 8 Pages
Register to read the introduction… The approach is adaptable for conducting the different types of risk assessments, whether it is for a personal computer (PC), large system or application, or whether it is for a system or application that is implemented or under development. It allows an informal review or short-form risk assessment to be conducted when it is determined that the system or application being assessed is, or will be, a microcomputer-based system.

1 2.1 Summary

Provide basic information about the project and the application system for which a risk analysis is being conducted.

1 2.1.1 Project Management Structure

Identify the project sponsor, sponsoring office project leader, and the estimated or actual start and end dates of a new or modified system project.

2 2.1.2 Project Staffing

Determine the approximate number of staff hours required (HUD personnel and contractors) and identify the expertise, knowledge, skills, and abilities needed by the project team to develop and/or maintain a quality application system. Staff hours should be broken down by major skill category, both technical and program related. This information will help management determine the resources required and when they are needed.

2 2.2 Risk Management
…show more content…
For physical risks, determine the vulnerability of the computer room and the impact of environmental hazards on the computer, related equipment, and their contents. For communication risks, evaluate the system for threats to the privacy and authenticity of telecommunications. For hardware, review the system’s current or proposed hardware configuration. For software, review the system software for security risks and potential vulnerabilities. Identify the potential security risks and provide the following information for each:

1 4.x [Risk Name]

Provide a risk name and identifier here for reference in the remainder of the subsection.

1 4.x.1 Risk Category

Identify the category of risk (physical, communications, hardware, software).

2 4.x.2 Risk Impact

Provide an assessment of the magnitude of the risk’s impact in the event of an occurrence.

3 4.x.3 Potential Safeguard(s)

This subsection provides a detailed description of potential safeguards corresponding to the risk named in 4.x. Each safeguard should be under a separate subsection header, 4.x.3.1 - 4.x.3.y.

1 4.x.3.y [Safeguard Name]

Provide a name and identifier here for the potential safeguard for reference in the corresponding subsection of 5.x. Describe the

Related Documents