Continuously tracking identified risks, assessing new risks, executing response plans and evaluating their effectiveness during a project's lifecycle
Residual Risk
Likelihood and impact after implementing mitigation, transference or acceptance measures on the initial risk
Leftover Risk after mitigation is implemented
Secondary Risk
New risks that arise from implementing a risk mitigation
These also need to be mitigated to an acceptable level
Control Risk
Assessment of how a security measure has lost effectiveness over time
Risk Reporting
Process of communicating information about risk management activities
Helps with:
- Informed Decision-Making
- Risk Mitigation
- Stakeholder Communication
- Regulatory Compliance