Risk Assessments

AL Refs: RAP03, RAP04, GOV26, GOV27, PRV34

Purpose

Risk assessments should have a formal forum in which they are performed, reviewed, updated, and approved in line with the Risk Management Framework requirements. They may be performed as part of a broader forum such as the Management Meetings or Security Governance Meetings. Assessments of individual risks and updates to the tracking in the Risk Register are often performed more frequently. This periodic forum, often quarterly, ensures that a holistic review has been performed and provides governance across the individual risk and control activities.

Example Risk Assessment Documentation

Meeting date:

Attendees:

Apologies:


Example Risk Register

Risk Register