Business Risk Management
Forecast and assess existing and potential IT risks which impact the operation and/or profitability to the business as well as the development and roll out of company-wide strategies and processes to mitigate risks, minimise their impact or effectively manage such business risks.
Level 1 (Follow)
- Being aware of what kind of business problems can be addressed by data-driven solutions.
- Understand the principles and general ideas of creating a data science/analytics solution.
Level 2 (Assist)
- Undertake basic risk management activities.
- Maintain documentation of risks, threats, vulnerabilities and mitigation actions.
Level 3 (Apply)
- Identify risks and their business impact and propose measures to manage risks.
- Carry out risk management activities within a specific function, technical area or project of medium complexity.
- Identify risks and vulnerabilities, assess their impact and probability, develop mitigation strategies and reports to the business.
- Involve specialists and domain experts as necessary.
- Assess current and potential risks within a defined functional area, and develop risk countermeasures and contingency plans.
Level 4 (Ensure)
- Critically evaluate, review and drive organisation-wide risk mitigation and management initiatives.
- Plan and implement complex and substantial risk management activities within a specific function, technical area, project or programme.
- Implement consistent and reliable risk management processes and reporting to key stakeholders.
- Engage specialists and domain experts as necessary.
- Advise on the organisation’s approach to risk management.
- Plan and manage the implementation of organisation-wide processes and procedures, tools and techniques for risk management.
- Consider organisation-wide risk and mitigation activities within the context of business risk as a whole and the organisation’s appetite for risk.
- Provide leadership on risk management at the organisational and business levels.
Level 5 (Strategise)
- Anticipate emerging threats and potential risks, and define the overarching risk management strategy for the business.
- Establish organisational strategy for risk management.
- Define and communicate the organisation’s appetite for risk.
- Provide resources to implement the organisation’s risk strategy.
- Delegate authority for detailed planning and execution of risk management activities across the organisation.