Checklist ITSCM Risk Analysis: Difference between revisions
From IT Process Wiki
mNo edit summary |
No edit summary |
||
| (One intermediate revision by the same user not shown) | |||
| Line 1: | Line 1: | ||
< | <itpmch><title>Checklist ITSCM Risk Analysis | IT Process Wiki</title> | ||
<meta name="keywords" content="risk analysis itscm, itscm risk analysis, risk analysis checklist" /> | |||
<meta name="description" content="The risk analysis within IT Service Continuity Management (ITSCM) collects the following data in order to assess the risks in the event of disasters: ..." /> | |||
</itpmch> | |||
<imagemap> | <imagemap> | ||
Image:ITIL-Wiki-deutsch.jpg|right|Checklist ITSCM Risk Analysis - Template ITSCM Risk Analysis | Image:ITIL-Wiki-deutsch.jpg|right|Checklist ITSCM Risk Analysis - Template ITSCM Risk Analysis | ||
| Line 7: | Line 10: | ||
<br style="clear:both;"/> | <br style="clear:both;"/> | ||
<p> </p> | |||
''' | '''ITIL Process''': [[ITIL Service Design]] - [[IT Service Continuity Management]] | ||
''' | '''Checklist Category''': [[ITIL-Checklists|ITIL Templates]] - IT Service Continuity Management | ||
'''Source''': Checklist "ITSCM Risk Analysis" from the ITIL Process Map V2 | ⯈ [https://en.it-processmaps.com/products/itil-process-map.html ITIL Process Map V3] | |||
<p> </p> | |||
The risk analysis within IT Service Continuity Management collects the following data in order to assess the risks in the event of disasters: | The risk analysis within IT Service Continuity Management collects the following data in order to assess the risks in the event of disasters: | ||
| Line 50: | Line 55: | ||
** Risk classification, e.g. „Negligible“, „Marginal risk, temporarily tolerable“, „Increased, still temporarily tolerable risk“, „High risk, not tolerable without precautionary measures“, „Extreme risk, to be ruled out by all means“ | ** Risk classification, e.g. „Negligible“, „Marginal risk, temporarily tolerable“, „Increased, still temporarily tolerable risk“, „High risk, not tolerable without precautionary measures“, „Extreme risk, to be ruled out by all means“ | ||
<p> </p> | |||
<html>By:  Stefan Kempter <a rel="author" href="https://www.linkedin.com/in/stefankempter"><img style="margin:0px 0px 0px 0px;" src="/images/bookmarking/linkedin.png" width="16" height="16" title="By: Stefan Kempter | Profile on LinkedIn" alt="Author: Stefan Kempter, IT Process Maps GbR" /></a>, IT Process Maps.</html> | |||
<!-- This page is assigned to the following categories: --> | <!-- This page is assigned to the following categories: --> | ||
Latest revision as of 19:04, 29 March 2019
ITIL Process: ITIL Service Design - IT Service Continuity Management
Checklist Category: ITIL Templates - IT Service Continuity Management
Source: Checklist "ITSCM Risk Analysis" from the ITIL Process Map V2 | ⯈ ITIL Process Map V3
The risk analysis within IT Service Continuity Management collects the following data in order to assess the risks in the event of disasters:
- Critical business processes
- Name
- Purpose and objectives of the process
- Classification of the processes into criticality categories (e.g. „Marginal“, „Normal“, „Critical“, „Highly Critical“)
- Critical business data
- Name
- Type of information and usage of the data
- Classification of the data into criticality categories (e.g. „Marginal“, „Normal“, „Critical“, „Highly Critical“)
- Critical IT Services
- Name
- Dependencies of the critical business processes and data upon the IT Service (relationships between processes/ data and IT Services)
- Classification of the IT Service into criticality categories (e.g. „Marginal“, „Normal“, „Critical“, „Highly Critical“)
- Critical IT infrastructure components
- Name
- Dependencies of the critical IT Services upon the IT infrastructure components (relationships between IT Services and IT infrastructure components)
- Classification of the IT infrastructure components into criticality categories (e.g. „Marginal“, „Normal“, „Critical“, „Highly Critical“)
- Threat analysis
- For all critical infrastructure components:
- Which threats/ disaster scenarios are imaginable?
- Which consequences does the occurrence of a scenario carry?
- Which level of damage would be expected?
- How likely is the occurrence? (e.g. „Highly Improbable“, „Improbable“, „Relatively Improbable“, „Rather Improbable“, „Highly Probable“
- For all critical infrastructure components:
- Analysis of vulnerabilities
- For all critical infrastructure components:
- Which vulnerabilities, impairing the critical infrastructure components in the event of a disaster, are imaginable?
- Which consequences would a failure carry?
- Which level of damage would be expected?
- How great is the probability of occurrence? (e.g. „Highly Improbable“, „Improbable“, „Relatively Improbable“, „Rather Improbable“, „Highly Probable“
- For all critical infrastructure components:
- Priorised list of the risks (risk = occurrence probability x level of damage)
- Type of risk
- Based on which threat or vulnerability
- Risk classification, e.g. „Negligible“, „Marginal risk, temporarily tolerable“, „Increased, still temporarily tolerable risk“, „High risk, not tolerable without precautionary measures“, „Extreme risk, to be ruled out by all means“
By: Stefan Kempter 
, IT Process Maps.
