Risk Management

Risk Management is the process of identifying and mitigating potential risks that organizations face. Typically this involves reviewing the operations of an agency to identify potential threats, assessing the likelihood of occurrence and developing an action plan to address the risk factors. There are four types of strategies that can be developed when completing a risk assessment 1) Transfer the risk, 2) Avoid the risk, 3) Reduce the risk, and 4) Accept the risk. RNR Consulting has crafted a methodology for conducting risk management assessments. The steps are listed below.

1. Identify the risks
2. Assess and rank the risks
3. Develop mitigation strategies
4. Develop cost benefit analysis
5. Develop implementation plan

Sample Case Studies:

State of Maryland, Department of Budget and Management - Risk Assessment and Risk Mitigation Strategies

Maryland State Highway Administration - Asset Data Warehouse - Concept Definition Phase and Materials Management System -Concept Definition Phase

Disaster Recovery Planning

Disaster Recovery Planning is one type of a risk management assessment. It is the process of accessing data from either hardware or software to enable an organization to resume critical business operations in the event of a natural or human caused disaster. Disaster Recovery Plans are a comprehensive roadmap detailing how to recover data and identify technology and tools that support network operations and infrastructure and hardware and operating systems. Disaster Recovery Plans define daily activities into mission critical and business critical and define roles and responsibilities in the event of an emergency. 

Sample Case Studies:

San Antonio Housing Authority - IT Operational Review

Stark Area Regional Transit Authority - Disaster Recovery Plan