Ø CASE France Ø Services & consulting Ø Events & Press Ø Information request Ø Contact Ø Search

 

Solution: Envision Risks IT

Analyze, manage, develop and capitalize on your risk analysis

IT Risks

Risks on IT applications, systems and networks

The methodology is based on the mapping of the company's applications, systems and networks whose failures can cause risks affecting the enterprise's operation and could create serious financial and information losses.

See: IT risks model

Click on image to enlarge the IT risks model

Today's, organizations are heavily dependent on their information system (IS) performance . This last one contains treasures in its various memories. It holds all the data and has become the nervous system and the communication center.

SI addiction leads to risks, which by their consequences might affect the sustainability of the company. Risk analysis can identify the dangers associated with IT applications and systems, assess risks and develop a protective barrier that will reduce to acceptable levels, the consequences of the feared arrival of events . It is an implementation of the science of risk: the "cindynic" which is taught in most engineers schools

Risks Analysis (RA) begins with the mapping of computers applications, systems and networks. This analysis can also be done as a result of a previous IS mapping, which adds value to this preliminary work and help to justify it (see Envision IT). The RA tends to make acceptable the risk of failure of components of the SI and thus to avoid economic disasters related to the partial or total disruption of IT services. The risk's consequences increase as the company develops. Managing these factors allows the monitoring of hazards, incident tracking and continuous reassessment of the risks "criticality",  barriers costs and effectiveness (coverage). And finally It allows the implementation of up to date actions plan.

Depending on the circumstances, this analysis can be done independently of any prior mapping or integrated within a business process an IT mapping with Envision IT.

These R.A. activities can be integrated within other activities such as the systems engineering process with Envision Systems Engineering,  in the management of business process and IT system with Envision Business Suite

Project management assistance

Consulting and intellectual activities with or without technology transfer, risk analysis and actions plan design are available.

see also

puce General and technical risks analysis
puce Operational risks analysis

Documentation and prices

Solution key points

  • Original methodology, validated and taught in High School
    Since many decades the method was tested in critical projects: Especially in the nuclear power and military industries
     
  • Generation of risk scenarios
    To identify new risks and to determine their genesis
     
  • Allows reduction of the effects of Unwanted Events (U.W.E.)
    Qualification and quantification of barriers, actions to be implemented, in order to minimize or remove the consequences of unwanted events
     
  • Evolution and historic management
    Automatic and hierarchical recalculations of numerical data after each modification: probabilities, costs, covering rate etc.
     
  • Increase analysts added value
    Automatic generation of the risks management documentation plan, with company standard formats (Word/Excel/HTML)
     
  • Hoarding, valorization and traceability
    Creation of a centralized risks data base with multi users access, capitalizes the effort and allows to re-use risks analysis and to share a unique definition
     

  • Evolution and flexibility
    At any moment you can completely reconfigure the tool to add new sights, new diagrams or to integrate new external tools

Information leveraging solutions
tailored to each enterprise and its projects.
In France since 1989

Pages trouvées

IT Risks analysis model

Envision Risks IT includes two phases:

  • The mapping of IT applications and systems (possibility of recovery if already done)
    This is the starting point of the risks analysis. It is a graphical representation of IT applications, systems and networks.
     

  • Risk analysis on the IT applications, systems and networks

    • Search for sources of hazard on the IT applications and technical systems diagrams by crossing with the typology list of risks

    • Qualitative and quantitative definition of risk. Risk = Hazard * Frequency (probability) * * Acceptability Severity (consequences)

    • Establishment of technical barriers and procedures on events, with qualification and quantification (coverage, cost, cost of the target) to make the risks acceptable. Monitoring the impact of barriers on the criticality of risk G * P (* Gravity Probability). Analysis of new risks possibly caused by the barriers themself, to get the residual risk.

    •  Barriers performance management: cost of the barrier / Performance (coverage) / Cost of the target.

    • Negotiating levels of criticality and ranking risks. Monitoring the evolution of criticality in relation to a target.

    • Archiving incidents and corrections made in the process - activities - barriers. Continuous reclassification of risks criticality following the recorded incidents analysis (management feedback integrated).

    • Automatic generation and real-time up to date actions plan (barriers), dashboards and so on. Depending on your format: HTML / Word / Excel or  Internet / Intranet publication

Click on image to enlarge

Business domains of the enterprise
Domain's IT applications and hazards (risks)
Entity's technical systems and hazards
Hazard's failure tree of an IT application or a technical system
Close

CASE France copyright - 05/01/2016