Description
Implements the management of risk across information systems through the application of the enterprise defined risk management policy and procedure.
Assesses risk to the organisation’s business, including web, cloud and mobile resources.
Documents potential risk and containment plans.
Levels
Level 2
Understands and applies the principles of risk management and investigates ICT solutions to mitigate identified risks.
Level 3
Decides on appropriate actions required to adapt security and address risk exposure.
Evaluates, manages and ensures validation of exceptions; audits ICT processes and environment.
Level 4
Provides leadership to define and make applicable a policy for risk management by considering all the possible constraints, including technical, economic and political issues.
Delegates assignments.
Knowledge
Apply risk analysis taking into account corporate values and interests
The return on investment compared to risk avoidance
Good practices (methodologies) and standards in risk analysis
Skills
Develop risk management plan to identify required preventative actions
Communicate and promote the organisation’s risk analysis outcomes and risk management processes
Design and document the processes for risk analysis and management
Apply mitigation and contingency actions
Functies met E.3 Risk Management competentie