This page outlines Vertic’s current organisational Risk register and the appropriate and relevant mitigation strategy.
Risk Nbr | Risk Name | Description/Risk Outcome | Annex A Controls | Likelihood | Impact Level | Severity | Mitigation/Treatment | Post-Treatment Likelihood | Post-Treatment Severity |
|---|---|---|---|---|---|---|---|---|---|
1 | Client Data Breach | A data breach may occur in one of our client’s software environments which may result in exposure of critical information. |
| HIGH | |||||
2 | Staff Breach | A staff member may expose critical data from a client’s software environment which could then be published. | HIGH | ||||||
3 | Hardware Loss | We may experience the failure of our hardware (primarily work laptops) which could result in loss of critical information to perform our duties. | MEDIUM | ||||||
4 | Software Failures | ||||||||
5 | Employee Fraud | ||||||||
6 | Employee Injury | ||||||||
7 | Natural Disaster | ||||||||
8 | Software Development Standard Breach | ||||||||
9 | Physical Security Breach | ||||||||
10 | Contractural Relations Breach | ||||||||
11 | Damage caused by Third Party | ||||||||
12 | Malicious Code | ||||||||
13 | Equipment Theft | ||||||||
14 | Sensitive Data Threat | ||||||||
15 | Security Information System Failure |
|
We have used the following matrix to determine the severity of a stated risk:
Risk Likelihood | Risk Impact Level | Risk Severity |
|---|---|---|