
Overview



Lifecycle for Risk Items


The risk lifecycle goes like this:

  1. Risk is being vaguely defined - draft
  2. Details are added and risk is confirmed - identified
  3. Risk assessment is kicked off - under assessment
    1. Risk Calculation is finalized and risk value is determined - assessed
  4. Leo makes a decision about what to do next:
    1. There is no reason to discuss this risk: it is invalid, lacks reasoning, etc. - unfounded
    2. Decides to accept the risk as-is - accepted
    3. Decides to transfer it to a vendor - transferred
    4. Makes a decision to avoid risk completely - avoided
    5. Decides to research/remediate it in the future and try to reduce it - remediate
  5. Leo is actively working on one of the risks - in remediation

Once remediation is completed, the risk is reassessed and can end up in one of the following states:

  1. Accepted
  2. Transferred
  3. Avoided