Risk Management - BCM - Crisis Management
The iFACTS approach to Risk management is inspired by major frameworks such as COSO ERM and ISO 31000/27005.
Typical risk work steps include: scoping, risk identification, impact on objectives, risk assessment, threats and vulnerabilities, risk treatment, risk mitigation activities, risk aggregation and third-party risk.
Risk management, which deals with "events that can affect the achievement of objectives", is often a key component in compliance. For example, GDPR, ISO and COBIT all require risk management.
Another aspect of Risk management is that it is used by several actors for different purposes, for example control & audit, strategic risk management, operational risk management, DPIA within GDPR, EML in Loss prevention, etc.
Business continuity management (BCM) is directly connected to Risk management in the iFACTS method. The risk scenarios are input to the BCM process, where the risk is handled through, for example, contingency plans, redundant servers or an alternative location.
The same logic applies to Crisis management: the risk scenarios are the input.
The iFACTS software is designed to support all these different types of Risk management, BCM, and Crisis management activities. The software functionality is decoupled and can be connected to any object such as organization, business process, IT system, processing, facility, threat library or control program.
Phone: +46 735242762