06 Risk Assessment

Risk Cypher will support the enhancement of the risk assessment program as needed and directed by the client.

06 Risk Assessment

Risk Cypher will maintain the availability of resources for the performance of the following activities:

● Support in the development, socialization, and alignment of a consolidated Risk Register
● Identification, communication, and planning of additional IT Risk assessments across the Organization
● Providing oversight and support for IT Risk Assessment completion (Application / RCSA)
● Support the capture of risk assessment results for import into a GRC tool to support platform implementation
● Provide architectural and solutions engineering support for the implementation of a Risk Assessment module in the target CNB GRC platform

Deliverables

In support of the objectives described above, Risk Cypher will also have responsibility for the following deliverables:
● Development of a Risk Assessment Standard, procedures, and guidelines which cover risk identification, risk analysis, risk ranking, treatment, remediation, and acceptance
● Enhance and define requirements around Risk Appetite, Risk Aggregation, Risk Concentration, Risk Limits, and Risk Limit Breaches
● Creation of an enterprise-wide IT Risk assessment calendar