MOF: Identifying Risks
Microsoft has a good article on identifying risks and is worth reading, click here to read the source material for this article.
Risk identification is the first step in the proactive risk management process, it provides the opportunities, indicators, and information that allows an organization to raise major risks before they adversely affect operations and hence the business.
This step is closely related to the Information Technology Infrastructure Library (ITIL) term “classification”-formally identifying incidents, problems, and known errors by origin, symptoms, and causes.
Step 1 – Create a Risk Statement
Step 2 – Analyzing and Prioritizing Risks
Step 3 – Planning and Scheduling Risk Actions
Step 4 – Tracking and Reporting Risk
Step 5 – Controlling Risk
Step 6 – Learning from Risk