Checklist ITSCM Risk Analysis: Difference between revisions

From IT Process Wiki
mNo edit summary
mNo edit summary
Line 1: Line 1:
<seo metakeywords="risk analysis itscm, itscm risk analysis, risk analysis checklist" metadescription="The risk analysis within IT Service Continuity Management (ITSCM) collects the following data in order to assess the risks in the event of disasters: ..." />
<itpmch><title>Checklist ITSCM Risk Analysis | IT Process Wiki</title>
<meta name="keywords" content="risk analysis itscm, itscm risk analysis, risk analysis checklist" />
<meta name="description" content="The risk analysis within IT Service Continuity Management (ITSCM) collects the following data in order to assess the risks in the event of disasters: ..." />
</itpmch>
<imagemap>
<imagemap>
Image:ITIL-Wiki-deutsch.jpg|right|Checklist ITSCM Risk Analysis - Template ITSCM Risk Analysis
Image:ITIL-Wiki-deutsch.jpg|right|Checklist ITSCM Risk Analysis - Template ITSCM Risk Analysis
Line 7: Line 10:
<br style="clear:both;"/>
<br style="clear:both;"/>


'''ITIL Process''': ITIL V2 [[Service Delivery]] - [[IT Service Continuity Management]]
<p>&nbsp;</p>


'''Checklist Category''': [[ITIL-Checklists#Checklists for IT Service Continuity Management|Checklists for IT Service Continuity Management]]
'''ITIL Process''': [[ITIL Service Design]] - [[IT Service Continuity Management]]
 
'''Checklist Category''': [[ITIL-Checklists|ITIL Templates]] - IT Service Continuity Management


'''Source''': Checklist "ITSCM Risk Analysis" from the [https://en.it-processmaps.com/products/product-versions-itil-v3.html ITIL Process Map V2]
'''Source''': Checklist "ITSCM Risk Analysis" from the [https://en.it-processmaps.com/products/product-versions-itil-v3.html ITIL Process Map V2]


 
<p>&nbsp;</p>


The risk analysis within IT Service Continuity Management collects the following data in order to assess the risks in the event of disasters:
The risk analysis within IT Service Continuity Management collects the following data in order to assess the risks in the event of disasters:
Line 50: Line 55:
** Risk classification, e.g. „Negligible“, „Marginal risk, temporarily tolerable“, „Increased, still temporarily tolerable risk“, „High risk, not tolerable without precautionary measures“, „Extreme risk, to be ruled out by all means“
** Risk classification, e.g. „Negligible“, „Marginal risk, temporarily tolerable“, „Increased, still temporarily tolerable risk“, „High risk, not tolerable without precautionary measures“, „Extreme risk, to be ruled out by all means“


<p>&nbsp;</p>


<html><a rel="author" href="https://plus.google.com/111925560448291102517"><img style="margin:0px 0px 0px 0px;" src="/skins/Vector/images/itpm/bookmarking/gplus.png" width="16" height="16" title="By: Stefan Kempter | Profile on Google+" alt="Author: Stefan Kempter, IT Process Maps GbR" /></a></html>


<!-- This page is assigned to the following categories: -->
<!-- This page is assigned to the following categories: -->

Revision as of 15:38, 3 August 2013

Checklist ITSCM Risk Analysis - Template ITSCM Risk Analysis
Checklist ITSCM Risk Analysis - Template ITSCM Risk Analysis


 

ITIL Process: ITIL Service Design - IT Service Continuity Management

Checklist Category: ITIL Templates - IT Service Continuity Management

Source: Checklist "ITSCM Risk Analysis" from the ITIL Process Map V2

 

The risk analysis within IT Service Continuity Management collects the following data in order to assess the risks in the event of disasters:

  • Critical business processes
    • Name
    • Purpose and objectives of the process
    • Classification of the processes into criticality categories (e.g. „Marginal“, „Normal“, „Critical“, „Highly Critical“)
  • Critical business data
    • Name
    • Type of information and usage of the data
    • Classification of the data into criticality categories (e.g. „Marginal“, „Normal“, „Critical“, „Highly Critical“)
  • Critical IT Services
    • Name
    • Dependencies of the critical business processes and data upon the IT Service (relationships between processes/ data and IT Services)
    • Classification of the IT Service into criticality categories (e.g. „Marginal“, „Normal“, „Critical“, „Highly Critical“)
  • Critical IT infrastructure components
    • Name
    • Dependencies of the critical IT Services upon the IT infrastructure components (relationships between IT Services and IT infrastructure components)
    • Classification of the IT infrastructure components into criticality categories (e.g. „Marginal“, „Normal“, „Critical“, „Highly Critical“)
  • Threat analysis
    • For all critical infrastructure components:
      • Which threats/ disaster scenarios are imaginable?
      • Which consequences does the occurrence of a scenario carry?
      • Which level of damage would be expected?
      • How likely is the occurrence? (e.g. „Highly Improbable“, „Improbable“, „Relatively Improbable“, „Rather Improbable“, „Highly Probable“
  • Analysis of vulnerabilities
    • For all critical infrastructure components:
      • Which vulnerabilities, impairing the critical infrastructure components in the event of a disaster, are imaginable?
      • Which consequences would a failure carry?
      • Which level of damage would be expected?
      • How great is the probability of occurrence? (e.g. „Highly Improbable“, „Improbable“, „Relatively Improbable“, „Rather Improbable“, „Highly Probable“
  • Priorised list of the risks (risk = occurrence probability x level of damage)
    • Type of risk
    • Based on which threat or vulnerability
    • Risk classification, e.g. „Negligible“, „Marginal risk, temporarily tolerable“, „Increased, still temporarily tolerable risk“, „High risk, not tolerable without precautionary measures“, „Extreme risk, to be ruled out by all means“