Risk RASCI

Define and
Process Implement Risk
Program Set Risk Policy

Role
Risk Owner C C
IT Function C C
IT Risk Officer R R
IT Risk Analyst S S
IT Risk Committee A A
Board of Directors I I

Legend
R Responsible - Ensures the work gets done
Acocuntable (approver) - Answerable for
the completion of the work. May be
A required to sign off
S Support - Helps complete task
Consulted - Opinions are sought. Typically
C subject matter experts
I Informed - Kept up-to-date on progress
 Risk Identification
Set Risk Appetite and Assessment Risk Response Risk Monitoring

C A A A
C R R R/C
R C C R/C
S S C S
C C C I
A I I I