|
Business risk management (BURM)
The development or review of an information systems strategy to support
an organisation's business goals and the development of plans to drive
forward and manage that strategy. Working with others to embed the strategic
management of information systems as part of the management of the organisation.
Level 5
Carries out risk assessment within a defined functional or technical
area of business. Uses consistent processes for identifying potential
risk events, quantifying and documenting the probability of occurrence
and impact on the business. Refers to domain experts for guidance on
specialised areas of risk, such as architecture and environment. Coordinates
the development of countermeasures and contingency plans.
Level 6
Plans and manages the implementation of organisation-wide processes
and procedures, tools and techniques for the identification, assessment
and management of risk inherent in the operation of business processes
and of potential risks arising from planned IT-enabled change.
|
