By Josh Oakes, IT Glue
“I thought you were taking care of that!”
When a client tells you that, you know you’re going to have a fantastic conversation. That’s because something bad happened, and revealed a common disconnect between IT service providers and their clients. The client assumes that the IT service provider handles every single aspect of IT service, including everything security related. You, the IT service provider, probably have a more realistic view.
But in a way, the client has a point. It’s not their fault that if they are unaware of the risks. And how would they know what you are handling if you don’t tell them? This is where the risk assessment comes into play. The first stage of the risk assessment is identifying and tracking risk.
To appropriately understand risk, examine the two dimensions – odds of it happening and outcomes if it does. Outcomes can be graded in terms of their impact on your client’s business or brand. Consider the following scale: