Professional Documents
Culture Documents
The potential for uncontrolled loss of something of value. Values can be gained
or lost when taking risk resulting from a given action or inaction, foreseen or
unforeseen.
Variability in possible outcomes of an event or project.
MANAGEMENT
Management is a set of principles relating to the functions of planning,
organizing, directing and controlling, and the application of these principles in
harnessing physical, financial, human and informational resources efficiently and
effectively to achieve organizational goals.
RISK MANAGEMENT
The continuing process to identify, analyze, evaluate, and treat loss exposures
and monitor risk control and financial resources to mitigate the adverse effects of
loss.
Crucial to the success of all software development, enhancement and
maintenance projects.
Process that allows individual risk events and overall risk to be understood and
managed proactively, optimizing success by minimizing threats and maximizing
opportunities.
Risk management is the process of identifying, assessing and controlling threats
to an organization's capital and earnings. These threats, or risks, could stem from
a wide variety of sources, including financial uncertainty, legal liabilities, strategic
management errors, accidents and natural disasters.
SOURCES OF RISKS:
1. External Risks
Comes from outside the organization or project and outside of the team’s control
Not it the control of the management
Produced by a non-human source and are beyond human control
Example:
Political Issues
Exchange Rates
Interest Rates
Natural Disasters
2. Internal Risks
From within the organization and arise during normal operation
Typically generated by one (or some combination) of human, technical or
physical factors
Example:
Non-compliance or Information Breaches
Loss of funds through theft
Injury to employees
Creates a safe and secure work environment for all staff and customers.
Increases the stability of business operations while also decreasing legal liability.
Provides protection from events that are detrimental to both the company and the
environment.
Protects all involved people and assets from potential harm.
Helps establish the organization's insurance needs in order to save on
unnecessary premiums.
The ISO recommended the following target areas, or principles, should be part of
the overall risk management process:
The process should create value for the organization.
It should be an integral part of the overall organizational process.
It should factor into the company's overall decision-making process.
It must explicitly address any uncertainty.
It should be systematic and structured.
It should be based on the best available information.
It should be tailored to the project.
It must take into account human factors, including potential errors.
It should be transparent and all-inclusive.
It should be adaptable to change.
It should be continuously monitored and improved upon.
The ISO standards and others like it have been developed worldwide to
help organizations systematically implement risk management best practices. The
ultimate goal for these standards is to establish common frameworks and processes to
effectively implement risk management strategies.
GOVERNANCE,
BUSINESS ETHICS,
RISK MANAGEMENT,
ARENAS, REYCEL R.
CENIZA, DAISY V.
MACALINO, REI AARON CARLO P.
Members