Dimensions

Warn

Work in progress, this is just the results of an initial brainstorm session, needs to be worked out

1. External risk: Are threats identified (according to but not exclusive to your SWOT analysis)?
2. Do you have a threat-matrix?
3. Is there a threat-risk score?
4. External risk: Cyber-threats, have they been identified?
5. Preventable risks
6. Strategy risks
7. Scoring risks:
8. Is the risk-appetite defined by the board?
9. How do you translate identified risks or threats into action?