Risk Assessment Framework Implementation
Case: Implementation of Risk Assessment Framework
Duration
Consultants
Table of Contents
BACKGROUND
CHALLENGE
ASSIGNMENT
APPROACH
The project was split in 3 distinct phases:
- Review current state (as-is analysis), Requirement gathering and Methodology proposal
- Building basic framework (Governance, Taxonomy, Methodology details etc) including initial assessments
- Detailed assessment and improvement Path Including lessons learned)
RESULT
The first phase concluded that many different assessment types existed in many different formats. A proposal was made to streamline this. Furthermore there was no clear indication of a process or tool to be used to help with performing the assessment. Porteg build some base framework components to align the different assessment and proposed a new methodology to run. An extremely important focus was the management buy-in. Next to assigning management sponsors, we engaged regularly with the management team to stress the importance of risk assessment.
After this effort, we selected a set of 10 risks together with the management to perform initial analysis on and to test the framework. Porteg also coached the existing risk team to ensure the framework could be caried forward.
Improvement actions for specific risks were rolled out as well as continuous assessment could take place on those risks. The technology to support the process was build (including reporting) and the company is ready to perform risk assessments.