《qITIL中级课程-风险管理》由会员分享,可在线阅读,更多相关《qITIL中级课程-风险管理(70页珍藏版)》请在金锄头文库上搜索。
1、ContentsCHAPTER 1: INTRODUCTION o 1.1燩urpose of this guide o 1.2燱hat is management of risk? o 1.3燱hy management of risk is important o 1.4燱ho is involved in risk management o 1.5燞ow to use this guide o 1.6燭he research for this guidance CHAPTER 2: PRINCIPLESo 2.1燙ritical success factors for managemen
2、t of risk o 2.2燱hat is at risk and why? o 2.3燚ecisions about risk o 2.4燱here risks occur o 2.5燗 framework for managing risk o 2.6燫isk ownership o 2.7燛mbedding the risk management culture o 2.8燘udgets CHAPTER 3: HOW RISKS ARE MANAGED o 3.1燚efining a framework for management of risk o 3.2燫isk identifi
3、cation o 3.3營dentifying probable risk owners o 3.4燫isk evaluation o 3.5燬etting risk tolerances o 3.6燫esponse to risk o 3.7營mplementing risk responses o 3.8燤onitoring responses o 3.9燗ssurance and review o 3.10燙ontinuing to improve CHAPTER 4: MANAGING RISK AT THE STRATEGIC LEVEL o 4.1燭ypes of risk o 4
4、.2燱here to apply risk management o 4.3燱hen to do it o 4.4燱ho is involved o 4.5燬trategic level policy for management of risk CHAPTER 5: MANAGING RISK AT THE PROGRAMME LEVEL o 5.1燗reas of risk o 5.2燭ypes of risk o 5.3燱here to apply risk management o 5.4燱hen to do it o 5.5燱ho is involved o 5.6燩rogramme
5、 level policy for management of risk CHAPTER 6: MANAGING RISKS AT THE PROJECT LEVEL o 6.1燘reaking down a project o 6.2燭ypes of risk o 6.3燱here to apply risk management o 6.4燱hen to do it o 6.5燱ho is involved o 6.6燩roject level policy for management of risk CHAPTER 7: MANAGING RISK AT THE OPERATIONAL
6、 LEVEL o 7.1燭ypes of risk o 7.2燱here to apply risk management o 7.3燱hen to do it o 7.4燱ho is involved o 7.5燨perational level policy for management of risk CHAPTER 8: TECHNIQUES o 8.1燫isk identification approaches o 8.2燫isk management approaches o 8.3燚ocumentation techniques o 8.4燛xternal review of a
7、ctivities o 8.5燗pplying the risk management processes ANNEX A: EXAMPLES OF BENEFITS OF RISK MANAGEMENT o A1燬trategic benefits o A2燜inancial benefits o A3燩rogramme benefits o A4燘usiness process benefits o A5燨verall management benefits ANNEX B: HEALTHCHECK: HOW WELL IS YOUR ORGANISATION MANAGING RISK?
8、 o B1燢ey elements o B2燫eview of overall effectiveness o B3燙hecklist: risk ownership o B4燙hecklist: on risk identification o B5燙hecklist: risk evaluation and assessment of the organisations willingness to take on risk o B6燙hecklist: risk response o B7燙hecklist: monitoring and control mechanisms ANNEX
9、 C: CATEGORISING RISK o C1燭hreats and impacts o C2燬trategic risk - major threats o C3燭hreats to projects or programmes o C4燨perational risks ANNEX D: SETTING A STANDARD FOR EVALUATION OF RISK o D1燯sing the summary risk profile o D2燣ooking at probability o D3燣ooking at impact ANNEX E: PROCUREMENT, CO
10、NTRACTUAL AND LEGAL CONSIDERATIONS o E1燤odular and incremental approaches o E2燙ontract risk management o E3燨utsourcing to support business needs o E4燣egal aspects of procurement ANNEX F: BUSINESS CONTINUITY MANAGEMENT o F1燱hy is business continuity management important? o F2燱hat is business continui
11、ty management? o F3燞ow to implement business continuity management o F4燬tructuring business continuity plans o F5燘usiness continuity supported by a risk management process o F6燱ho to involve in business continuity management o F7營ssues to consider in a BCP o F8燗ssuring your BCP is viable o F9燱here t
12、o store BCPs o F10燙ommunications o F11燘CM summary ANNEX G: MANAGING ORGANISATIONAL SAFETY AND SECURITY o G1燞ow are safety and security related? o G2燤andate for ensuring safety and security o G3燬ecuring assets o G4燬ecuring incidents o G5燗dopting good practice in information security management ANNEX
13、H: INFORMATION ON FURTHER TECHNIQUES TO SUPPORT MANAGEMENT OF RISK o H1燫isk identification workshops o H2燫isk management workshops o H3燙ause-and-effect diagrams o H4燚ecision trees o H5營nsurance premium approach o H6燙ritical path analysis (CPA) or critical path method (CPM) o H7燤onte Carlo simulation
14、 o H8燫isk map o H9燩robability and impact grid o H10燬catter diagram o H11燫adar chart o H12燫isk indicators ANNEX J: LESSONS LEARNED FROM OTHERS o J1燗ssessing success o J2燱hy projects fail o J3燬topping a project o J4燘arriers ANNEX K: ASSESSING THE SUITABILITY OF TOOLS o K1營ssues to consider when select
15、ing tools o K2燗ppraisal and evaluation in context o K3燝eneral appraisal procedure o K4燙ustomisation of criteria ANNEX L: DOCUMENTATION OUTLINES o L1燘usiness Case o L2燘usiness Continuity Plan (BCP) o L3燙ommunications Plan o L4燙ontingency plan o L5燤anagement of Risk Policy o L6?Activity) plans for programme and/or project o L7燫isk Register o L8燬ecurity policy o L9燬takeholder map o L10燬ummary Risk ProfileCHAPTER 1: INTRODUCTION1.1 Purpose of this guide1.2 What is management of risk?1.3 Why m
