Final Project Part I Task 1ISOL 533 - Information Security and Risk Management

EXECUTIVE SUMMARY: Risk management plan is a document that the organization prepares to foresee risks, estimate impacts and to define responses to issues with a risk assessment matrix1 . The purpose of this plan is to identify potential risks before they occur and to be planned so that risks are handled throughout the project and to mitigate adverse events and finally to achieve desired objectives1 . Risk management plan is a continuous process and it is important part of any organization and management process to ensure that the risks and eliminated depending up on their severity and finally helps an organization to achieve the ultimate goal1 . Having an effective risk management plan helps identifying the risks at early stages and effectively eliminates it without any adverse effects. It is expected to have technical issued throughout the project and so every project should be ready with the plan to successfully complete the project within the timelines1 . Risk management can be divided in to Risk Planning, Risk Identification, Risk Assessment, Risk Response and Risk Monitoring. Having a perfect risk management plan helps organization in many different ways1 . Risk management plan identifies the strengths and weakness of the organization and also contribute to success by identifying the internal risks and external risks beforehand1 . Former President John F. Kennedy once said, "There are risks and costs to a program of action, but they are far less than the long-range risks and costs of comfortable inaction". I strongly agree with this that spending money to develop the risk management plan helps in eliminating huge loss later on2 .