A comprehensive risk management service incorporating
risk assessment, risk management strategies, risk reduction.
|
|
|
Risk Elimination
Risk Elimination is much too onerous and expensive for over 99% of
business and personal activities. |
|
Risk Management
Risk Management is the cost effective optimisation of the balance
between the benefits of risk reduction and the cost of reducing risk.
It is the most appropriate approach for most activities. |
| |
Risk Based Auditing in a gas utility and within the
health service
|
-
Working with clients to identify the high risk areas in their
business processes and reviewing the controls to ensure that they
are commensurate with the risk.
-
Not just strengthening controls where they are absent or too
weak, but removing controls where they are excessive for the level
of risk.
|
Risk Based Business Continuity Plans within
the Information Services Directorate of a gas utility.
|
-
Working with the owners of IS and Business applications to
determine their criticality for both recovery times and data loss.
Working with owners and technical teams to implement cost effective
recovery arrangements ranging from leading edge technologies such as
remote disk mirroring and parallel processing to recover systems in
minutes or hours, to remote redo logs and standard tape recoveries
for systems that could take days or weeks to restore.
-
Working with process teams to ensure that essential IS services
such as the Help Desk can continue to function during an incident.
-
Developing incident management and aftermath management
processes to manage the non technical aspects of an incident.
|
Experience of numerous reviewers utilising their own risk
management methodologies to identify and review risks, then make
recommendations
|
Auditee within a gas utility on the receiving end of
numerous audit style reviews e.g.:-
-
Internal Audit business continuity and information security
reviews.
-
External Audit business continuity reviews.
-
External Consultants' review of information security controls
over the emergency and meter work applications.
-
Gas Shippers' Audit to confirm utilities business continuity
arrangements prior to domestic gas competition go live.
-
OfGEM, Regulator's Audit to confirm utilities business
continuity arrangements prior to domestic gas competition go live.
-
Internal Business Continuity Team's reviews of IS plans.
-
ISO9001 Quality Audits of business continuity processes and
procedures.
|
Management of Risks as part of projects and team
management.
|
Assessment and management of risks during
projects to implement new systems, add continuity hardware and undertake
business continuity tests. Regular update of progress in managing
the risks. |
Risk Manager for a Primary Care Trust.
|
Implement the Health Service controls
assurance process for 22 standards for a Primary Care Trust within
exceeding tight deadlines. Use the gap analysis to identify the
weaknesses. Implement a prioritised action plan to remedy
weaknesses, working with the owner of each standard. |
