risk assessment

ITIL V3 (Information Technology Infrastructure Library) Roles and Responsibilities Templates

ITIL V3 roles within Service Strategy
- IT Steering Group (ISG)
- Financial Manager
- Service Portfolio Manager

ITIL V3 roles within Service Design
- Service Catalogue Manager
- Service Level Manager
- Service Owner
- Service Design Manager
- Applications Analyst/ Architect
- Technical Analyst/ Architect
- Risk Manager
- Capacity Manager
- Availability Manager
- IT Service Continuity Manager
- IT Security Manager
- Compliance Manager
- IT Architect

Wireless and Mobile Network Security Personal Risk and Control Templates

1. Read access to private data
this risk includes unauthorized reading of the consumed, produced or transmitted content. An example is wire tapping or snooping, i.e. a passive reading of data during their transmission over a telecommunications network. Motivated by privacy protection, this category also includes read access to administrative data related to the access profile (such as personal identity, location, use statistics and billing).

2. Modification of private data
an unnoticed change in the private data cited in the preceding section is a risk, because it can lead to taking control of the private data, to changes in usage statistics, accounting, etc. Note that depending on the used technology, modification does not necessarily imply read access. An example is the blind change of encrypted frames on a wireless link that uses the WEP encryption scheme according to the IEEE 802.11 standard.

3. Rogue services

Project Management Evolutionary Delivery Checklist

- Have you planned for several releases of the software before the full, final capabilities are present?

- Does the first release contain the germ of the program, the seed from which the rest of the program will be developed?

- Will the first release be made as early as possible to get the ball rolling?

- Is the first release usable, at least at some minimal level?

- Have you defined what each evolutionary stage will deliver as best as you can in the hazy dawn of the project?

- Does each release add significant capabilities?

Download Free Risk Register Template for IT & Project Management

1. BASIC RISK INFORMATION
Risk Number: Provide a unique identifier for risk

Risk Description / Risk Event Statement: A risk event statement states (i) what might happen in the future and (ii) its possible impact on the project. "Weather" is not a risk event statement. "Bad weather may delay the project" is a risk event statement.

Responsible: Name or title of team member responsible for risk

Date Reported

Download free SCADA Cyber Security Risk Assessments Tools. This Tools covers:
What processes are in place to identify security risks from cyber incidents in our SCADA system?
Considering the potential for security risks associated with SCADA systems, it is important that there is a framework in place to identify possible risks for existing and new SCADA systems. As SCADA systems are becoming increasingly interconnected with the Internet and corporate networks they are also becoming more exposed to Internet security threats and network vulnerabilities.

What strategies have been put in place to manage these risks?
It is crucial for SCADA managers to put in place appropriate risk management strategies. Such strategies might include regular vulnerability assessments of SCADA systems, processes for patch management and configuration management, communication between engineering and IT departments, staff training, appropriate network architecture etc.

How regularly are vulnerability assessments undertaken of our SCADA system?