An IT project risk assessment is a document which outlines the manner of threat to data, particularly those which are of a sensitive and critical nature. Such a project risk assessment with regards to information technology is prepared usually for governmental agencies, top level business organizations and other elite, and highly guarded agencies of a governmental or private nature. It must be prepared after exhaustive surveys of the IT system of a particular client, the risks to the existing system and suggestions for plugging of gaps. Such a document must be composed with utmost care.
Sample IT Project Risk Assessment
This IT Project Risk Assessment must be read in conjunction with the Information Technology Risk Management Guideline which is Section 7 of the General Advisory Report of the Commonwealth of Michigan.
It is aimed at protecting data of a sensitive nature which is also of critical importance to the CoM. It is hereby published separately due to its unwieldy size and it should be read as an Appendix [D] of the original document.
This document contains the following details, separated into subheadings:
- IT Security Policy of the Commonwealth of Michigan
- IT Security Standard
- IT Security Audit Standard.
The IT Project risk assessment has been created by: Jason Wu and Shannon Doherty, Senior Technical Advisors, CoM.
Date of submission of report: 12th June 2011.
The document is divided into two sections, which are as follows:
- IT RISK ASSESSMENT: This is intended to provide explanatory details to the BFS, and suggestions for the various nodal agencies of the CoM to tackle primary threats to the sensitive IT Systems within their purview.
- A blank RISK ASSESSMENT REPORT: This shall follow the sample risk assessment report of the first section but with no content under the subheadings since this is meant for the various nodal agencies of the CoM themselves.