Information Security

Risk Identification Process – Burning Challenges

Risk identification is one of the most important factors deciding the fate of risk management in an enterprise or organization. Some of the key challenges involved are:

  1. Broad Statement Risk

Some enterprises identify risks that are too broad in nature. Examples include:

  • Risk to Brand reputation
  • Compliance risk (including statutory & regulatory requirements)
  • Fraud Risk (Internal/external fraud)

It becomes very difficult to manage these risks, even at the strategic level.

  2. Causes as Risk

Many enterprises identify risks that are actually causes, and it is very difficult to manage these risks. Statements that indicate causes as risks include:

  • Lack of (trained staff, funds, Information security Awareness etc…)
  • Ineffective (Internal Audit, Policy Implementation etc…)
  • Inadequate (Training, Procedures etc…)
  • Poor (Project Management, Asset Management etc…)

  3. Consequences as Risk

Many organisations make the mistake of identifying effects/consequences as risks, thus reducing the effectiveness of the Enterprise Risk Management process. Examples include:

  • Budget overspend
  • Project missing the planned deadline
