The Key Principles of Risk Management and How They are Applied to the IT Professional

Running head : Risk Management in Information Technology

Risk Management in Information Technology

[Writer 's name]

[Institution 's name]

Introduction

Organizations are human communities , which are formed by bringing people together to communicate , intact and build ties to help each other to create meaning together . Information plays an important role in building these societies and providing knowledge about the task people perform The information networks created by the organizations help the people to adopt the environment . Build and develop communication networks improves learning process , develops sense of understanding and sharing

br between the people , provides a platform to discuss discoveries and innovations , provide the people with chance to learn after making mistakes

With the increasing use of Internet most of the business organizations are transforming their business online . The rising trend has made it essential for the businesses to analyze and assess the risk with the security of information systems . Despite enormous research in the field the appropriate steps for the security are not specified These security plans are often very expensive and require the knowledge of the IT systems as well as the business processes around them - even though the latter are generally not regarded explicitly (Bauknecht Oppliger , 2003

Risk is defined , as a bad notion is the most important stimulants for life . Adams (1995 ) defines risk as the "balancing act " in which the actors "balance the expected rewards of their actions against the perceived costs of failure " in a world in which both it and our perceptions of it are constantly being transformed by our effect on the world and its effect on us . In a ISO /TMB Risk Management Terminology (1999 ) risk is defined as combination of the probability of an event and its negative or positive consequences " The royal Society (1983 ) defined risk as a particular adverse event occurs during a stated period of time , or results from a particular challenge ' The Royal Society also states that as a probability in the sense of statistical theory risk obeys all the formal laws of combining probabilities . In the definition mentioned above the statistical theory is used which is often dependent upon the approximation or guess There are no scientific or certain calculations to support the theory and its result

In to effectively plan an IS project it is important to asses the risk with these projects . In to calculate these risks and uncertainties , tools such as INCLUDEPICTURE \d /images /excelicon16x .gif " Risk Potential Assessment INCLUDEPICTURE \d /images /pdficon16x .gif " Risk Potential Assessment guidance and INCLUDEPICTURE \d /images /excelicon16x .gif " Rapid_Risk_Check_v02 .2 .xls , The Rapid Risk Check sheet are available

According to (Boehm , 1991 , there are ten risk factors , which occur most frequently

Risk factor and Preventive measures

1 . Human error on part of staff : These risks can be eliminated by using the best management techniques such as employing the best people increasing rewards team formation training peer reviews adapt process to available know-how

2 . Unrealistic schedule and budget : The management must undertake Business-case analysis...