A risk is an event which can be foreseen, but which has the ability to damage or break a project.
The usual meaning of "Risk" within a project is to be exposing to a danger with the aim of drawing an advantage from it. But these risks must be controlled to see any advantage.
"Not to manage the risks is to take all the risks"
A risk analysis is included in the Validation Strategy / Plan, the depth of the tests varies with the severity of impact and the likelihood of occurrance.
The Risk Management practised at ADN allows the identification and quantification of possible risks.
Risk Management consists of:
- Identification of possible hazzards,
- Determination of the impact and probability of occurence,
- Determine the means to reduce or eliminate the possibility of these risks causing damage.
Risk Management is one of the key processes of the COBIT reference frames, CMMI and Project Management Body of Knowledge.
ADN develops Risk Management on several axis:
- Qualification Strategy
- Definition of test plans according to classes of risk
- Definition of the criteria for risk analysis suitable for use.
- Understanding requirements
- Monitoring the effectiveness of controls
- Analyse the value of the requirements on the basis of risk
Our references :
- ICH Q9
- COBIT
- ITIL
- ISO 17799
- GAMP Good Pratices Guides
- CMMI
- NIST 800 - 300
- ISO 14791
