- Governance and Compliance
- IT Policies and Standards
-
Products and Services
- Applications
- Communications
- Data Center
- Desktop
- Network
- Professional Services
-
Security
- Application Security and Mainframe Access
- Enterprise Vulnerability
- Forensics Services
- Hard Drive Encryption
- Hosted Firewall Solution
- Identity Access Management
- Intrusion Detection Prevention
- Security Certificate Management
- Security Information Event Management (SIEM)
- Threat Management
- VPN Access
- Business Continuity
- Standard Products
- Web
- Support
Guidelines and Requirements for Risk Management
- Identify possible risks and determine how they can be contained.
- Know the likely cost of countermeasures.
-
Manage levels of risk and uncertainty properly so the project is successfully completed.
Mandated risk management requirements
According to statute (16E.04 Information and communications technology policy. Subd. 3. Risk assessment and mitigation), all State of Minnesota IT projects are required to complete a risk assessment and risk mitigation plan. Projects estimated to cost more than $5,000,000 (including internal labor costs) are required to have a risk assessment and the development of a risk mitigation plan completed by an entity outside of State government.
A Risk Assessment and development of the Risk Mitigation Plan should occur early during project planning and is maintained throughout the project life cycle for "continuous risk management."
Planning Tools and Templates
The Office of Enterprise Technology Project Management Office has developed a set of planning tools and templates, including risk management tools that agencies may find helpful in planning and managing project risks.
© Copyright 2013 MN.IT Services - State of Minnesota