Risk management of threats

Every organisation needs to be prepared for risks so it is vital to have an effective risk management process.

We need to first consider what risk management is. The Institute of Risk Management give the following definition:

• Risk is part of all our lives
• As a society, we need to take risks to grow and develop. From energy to infrastructure, supply chains to airport security, hospitals to housing, effectively managed risks help societies achieve. In our fast paced world, the risks we have to manage evolve quickly. We need to make sure we manage risks so that we minimise their threats and maximise their potential.
• Risk management involves understanding, analysing and addressing risk to make sure organisations achieve their objectives. So it must be proportionate to the complexity and type of organisation involved. Enterprise Risk Management (ERM) is an integrated and joined up approach to managing risk across an organisation and its extended networks.
• Because risk is inherent in everything we do, the type of roles undertaken by risk professionals are incredibly diverse. They include roles in insurance, business continuity, health and safety, corporate governance, engineering, planning and financial services.

• Executive-level engagement
• Talent and human capital
• Intellectual property
• Connected products
• Customer trust
• Payments

Your task

Consider your own organisation and the nature of the information your role works with: what are the risks around your data being lost or used by others? How much would you spend to protect it?

References

_{Peasley, S., Mantha, K., Rao, V., Fedder, C. and Gasdia, M. (2017) ‘Cyber Risk in Consumer Business’. Deloitte Insights [online]. available from https://www2.deloitte.com/us/en/insights/industry/retail-distribution/cyber-risk-management-in-consumer-business.html [27 August 2019]}