Decisions:
- Accept: acknowledge the risk, but do not take any action before it hits
- Mitigate: take measures to reduce the probability of occurrence or the potential damage
- Avoid: do something else without this risk, e.g. nothing
- Transfer: let someone else take care of it, e.g. insurance
- (Deny the risk: not allowed to choose, but many managers do this nevertheless...)
Probability of occurrence | Potential damage | Decision | Reasons | |||
---|---|---|---|---|---|---|
Financial | 1 | GAFAM |
|
| ||
2 | Competing technology | |||||
3 | Environmental cost | |||||
Legal | 4 | Governments Rules | ||||
5 | International Compatibility (ex. GDPR) | |||||
Strategic | 6 | Dependency | ||||
7 | Intermediaries | |||||
8 | Acceptance | |||||
9 | Engagement (Governance Rules) | |||||
10 | Usability | |||||
11 | Interoperability (Standards and Protocols) | |||||
12 | Integration | |||||
13 | Communication (Marketing) | |||||
Security | 14 | Physical vulnerabilities (Device lost) | ||||
15 | Protecting sensitive data |
percentage of occurrence Probability | ||||
---|---|---|---|---|
100 | ||||
90 | ||||
80 | ||||
70 | ||||
60 | ||||
50 | ||||
40 | ||||
30 | e.g. Physical vulnerabilities (Device lost) | |||
20 | ||||
10 | ||||
Low | Medium | High | Very High |