Passer au contenu principal
Accueil

IS Risk Mgmt 10676320

Aperçu des sections

  • Généralités

    IS Risk Mgmt. 10676320   

     Protect to Enable Approach

    "Embracing change with power & purpose"

    In this course we will adapt Competency Based Edu. CBE-Learning Strategy, Blended Learning delivery mode. 

    Class meetings:  S-Tu-Th  9h00-10h00  & 10h00-11h00, 

    Zoom meetings:   ID 822 821 8416

    The course aims to increase students’ understanding/competency in the following 3 topics: 

    1- Principles of risk mgmt. and Guidelines.دليل إدارة المخاطر 

    ما هو مفهوم - طرق - اهداف - انواع - ادوات - معوقات - ادارة المخاطر  •

     Why to manage risks?

    • How to manage risks?

    • Identification, Eval. Treatment of risks?

    • Current issues in risk management.

    2- IS/IT Risks. المخاطر التي تتعرض لها أنظمة المعلومات في المؤسسة

    3- Risk Info. System. نظام معلومات لإدارة المخاطر



    To create an ordered path through the chaos of a fast-paced, constantly changing environment to achieve business success. You are expected to understand business objectives, develop and implement plans, measure progress against time, cost and business requirements, while balancing priorities among different and potentially conflicting stakeholder groups. Identifying, analyzing, and appropriately responding to risk in a proactive fashion, rather than waiting for the overwhelming avalanche of issues, is an essential skill of the professionally competent manager. This course is for you, providing a practical approach to managing risk and detailing and implementing an effective risk management plan.


    Follow this link for your Course Learning Contract

    IS Risk Management  Course Contract and Road-Map   qr

    In this file you'll find the road-map that explains all the topic, quizzes, tests, and assignments clearly identified by weeks and dates.    


  • 5 Bus. Continuity & Disaster Recovery Plan

     PP RR           Risk Mgmt Model

    Preparation الاستعداد- Prevention التجنب- قبل

    Response  اثناء الاستجابه -  Recovery التعافي بعد

    We Prepare to be able to Prevent....   our Response to Recover the Risk 

    Business Continuity Planning BCP and Disaster Recovery

    The key to business continuity planning and disaster recovery is to look at it as an entire function, as whole and complete in itself. The most effective way to coordinate your thinking and planning in this area is to document the various components required in one central document. This is called the Business Continuity Plan BCP.

    The purpose of developing a Business Continuity Plan is to ensure the continuation of your firm during and following any critical incident that results in disruption to the normal operational capability of the firm. This section will assist you to prepare a Risk Management Plan and Business Impact Analysis, and create Incident Response and Recovery Plans for your business.

    1. Developing a Business Continuity Plan The Business Continuity Plan is based on the Prevention, Preparedness, Response and Recovery (PPRR) framework. Each of the four key elements is represented by a part in the Business Continuity Planning Process as illustrated in Figure 7.2.

    It is important that you also consider any legislative or professional accounting body requirement in regard to business continuity or succession planning requirements that are designed to protect the interest of your clients.

    2. Prevention Prevention is all about risk management planning. This is where the likelihood and/or effects of risk associated with an incident are identified and managed. The key elements of the risk management processes are implemented at this stage, with threats identified and dealt with, or reduced to an acceptable level. These have been covered in detail in Section 7.3 of this module, but will be discussed briefly again here to maintain the context of the discussion in this section.

    3. Preparedness The key tool for the Preparedness element is the Business Impact Analysis. This is where the key activities of the firm that may be adversely affected by any disruptions are identified and prioritized. Prevention (Risk Management Plan) Response (Incident Response Plan) Recovery (Recovery Plan) Preparedness (Business Impact Analysis) Module 7: Risk Management 381

    4. Response The key function of the Response element is Incident Response Planning. This plan outlines the immediate actions to be taken to respond to an incident in terms of containment, control and minimizing of impacts.

    5. Recovery The Recovery section focuses on recovery planning. The purpose is to outline the actions that are to be taken to recover from an incident in order to minimize disruption and recovery times. Another important element of the Business Continuity Plan is the concept of regular updates and review. It is hoped that you will never need to use the plan, but if the need ever arises, you should know the plan is up to date with current details, information and resources. This is important, as it should reflect the changing needs of your firm. The templates and checklists provided in the following sections should be used as a guide only to assist you in developing your own Business Continuity Plan. You should customize it to suit the specific requirements and needs of your firm.

    6. Key items the plan should include: · Distribution list: An up-to-date list should be maintained of the people you have supplied with a copy of the plan and their contact details. Remember to keep a copy of the plan in a safe off-site location. · References and related documents: Make a list of all the documents that have a bearing on your Business Continuity Plan. · Table of contents: A table of contents should be included at the beginning of the plan. · Objectives of the plan: Objectives clarify the purpose of the plan and should describe the intended result. An example of some objectives for a practice would include:

    7. The objectives of this plan are to: · Undertake a risk management assessment of our firm; · Define and prioritize our critical practice functions; · Detail our immediate response to a critical incident; · Detail strategies and actions to be taken to enable our firm to continue operating; and · Review and update this plan on a regular basis.

loader image