Checklist ITSCM Risk Analysis: Difference between revisions
From IT Process Wiki
mNo edit summary |
No edit summary |
||
| Line 16: | Line 16: | ||
'''Checklist Category''': [[ITIL-Checklists|ITIL Templates]] - IT Service Continuity Management | '''Checklist Category''': [[ITIL-Checklists|ITIL Templates]] - IT Service Continuity Management | ||
'''Source''': Checklist "ITSCM Risk Analysis" from the [https://en.it-processmaps.com/products/ | '''Source''': Checklist "ITSCM Risk Analysis" from the ITIL Process Map V2 | ⯈ [https://en.it-processmaps.com/products/itil-process-map.html ITIL Process Map V3] | ||
<p> </p> | <p> </p> | ||
| Line 57: | Line 57: | ||
<p> </p> | <p> </p> | ||
<html><a rel="author" href="https:// | <html>By:  Stefan Kempter <a rel="author" href="https://www.linkedin.com/in/stefankempter"><img style="margin:0px 0px 0px 0px;" src="/images/bookmarking/linkedin.png" width="16" height="16" title="By: Stefan Kempter | Profile on LinkedIn" alt="Author: Stefan Kempter, IT Process Maps GbR" /></a>, IT Process Maps.</html> | ||
<!-- This page is assigned to the following categories: --> | <!-- This page is assigned to the following categories: --> | ||
Latest revision as of 20:04, 29 March 2019
ITIL Process: ITIL Service Design - IT Service Continuity Management
Checklist Category: ITIL Templates - IT Service Continuity Management
Source: Checklist "ITSCM Risk Analysis" from the ITIL Process Map V2 | ⯈ ITIL Process Map V3
The risk analysis within IT Service Continuity Management collects the following data in order to assess the risks in the event of disasters:
- Critical business processes
- Name
- Purpose and objectives of the process
- Classification of the processes into criticality categories (e.g. „Marginal“, „Normal“, „Critical“, „Highly Critical“)
- Critical business data
- Name
- Type of information and usage of the data
- Classification of the data into criticality categories (e.g. „Marginal“, „Normal“, „Critical“, „Highly Critical“)
- Critical IT Services
- Name
- Dependencies of the critical business processes and data upon the IT Service (relationships between processes/ data and IT Services)
- Classification of the IT Service into criticality categories (e.g. „Marginal“, „Normal“, „Critical“, „Highly Critical“)
- Critical IT infrastructure components
- Name
- Dependencies of the critical IT Services upon the IT infrastructure components (relationships between IT Services and IT infrastructure components)
- Classification of the IT infrastructure components into criticality categories (e.g. „Marginal“, „Normal“, „Critical“, „Highly Critical“)
- Threat analysis
- For all critical infrastructure components:
- Which threats/ disaster scenarios are imaginable?
- Which consequences does the occurrence of a scenario carry?
- Which level of damage would be expected?
- How likely is the occurrence? (e.g. „Highly Improbable“, „Improbable“, „Relatively Improbable“, „Rather Improbable“, „Highly Probable“
- For all critical infrastructure components:
- Analysis of vulnerabilities
- For all critical infrastructure components:
- Which vulnerabilities, impairing the critical infrastructure components in the event of a disaster, are imaginable?
- Which consequences would a failure carry?
- Which level of damage would be expected?
- How great is the probability of occurrence? (e.g. „Highly Improbable“, „Improbable“, „Relatively Improbable“, „Rather Improbable“, „Highly Probable“
- For all critical infrastructure components:
- Priorised list of the risks (risk = occurrence probability x level of damage)
- Type of risk
- Based on which threat or vulnerability
- Risk classification, e.g. „Negligible“, „Marginal risk, temporarily tolerable“, „Increased, still temporarily tolerable risk“, „High risk, not tolerable without precautionary measures“, „Extreme risk, to be ruled out by all means“
By: Stefan Kempter 
, IT Process Maps.
