Professional Documents
Culture Documents
Issue Status
Issue Summary Risk Summary
Open 0 Open 42 Open Closed In Progress Monitoring Resolved
Closed 0 Closed 0
In Progress 0 In Progress 0
Monitoring 0 Monitoring 0
Resolved 0 Resolved 0
Low Impact 0 Low 0
Med Impact 0 Moderate 0
High Impact 0 High 0
Low Priorit 0 Extreme 0
Med Priorit 0 Total Risks 42 Risk Status
High Priorit 0
Open Closed In Progress Monitoring Resolved
Total Issues 0
20 1
15 0.8
10 Risk Type 0.6
Issue Type
5 0.4
0 0.2
Strategic Financial Regulatory Manageme Operational 0
nt
Low Moderate High Extreme
Cloud Computing Risk Log
Risk Last
Ref Risk Date Action Impact Risk Current
Risk Control Area Issue Likelihood Rating Likelihood Impact Mitigation Reviewe
No Type Logged Owner Rating Rating Status
Actions d
Lack of effective internal
information security governance,
Governance & Enterprise Risk risk management and compliance,
R1 Management <select> <select> N/A Open
Management and alignment with the provider
own security governance
Page 2 of 6
Risk Last
Ref Risk Date Action Impact Risk Current
Risk Control Area Issue Likelihood Rating Likelihood Impact Mitigation Reviewe
No Type Logged Owner Rating Rating Status
Actions d
The agency might relinquish
control to the provider on a
R10 Regulatory Governance Degradation number of issues which may affect <select> <select> N/A Open
overall governance
Page 3 of 6
HUA Standard 4360:2004 Risk Management
Each risk has been rated in terms of it’s resulting likelihood of occurrence and the potential impact, using the rating system specified in HUA
STANDARD 4360:2004 Risk Management. These are explained in the tables below.
Consequences
Insignificant Minor Moderate Major Catastrophic
Likelihood: 1 2 3 4 5
A (almost certain) H H E E E
B (likely) M H H E E
C (possible) L M H E E
D (unlikely) L L M H E
E (rare) L L M H H
Key Description
E Extreme Risk: Immediate action required to mitigate the risk.
H High Risk: Action should be taken to compensate for the risk.
M Moderate Risk: Action should be taken to monitor the risk.
L Low Risk: Routine acceptance of the risk.
Provided by
KineticIT under Final version - customised
7/7/2009 1.00
contract to the Dept original Issue-Risk log template.
of Finance
12/13/2013 1.30