Network / IT environment RISK (non security risks)

When you ask most forums or IT folk about “risk” within IT environments, most of them immediately think you are on about “security”, “penetration testing” etc. I am  not convinced security is the only risk factor in an IT environment. But I genuinely am interested in getting some feedback from other people on what other elements of an IT environment outside IT constiture risk areas

So.... outside of security, what other risks are inherent within IT environments. Does there exist a master document with risk areas for a typical IT environment anywhere? Or can you provide some examples for me to review further?
LVL 3
pma111Asked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
woolmilkporcConnect With a Mentor Commented:
OK,

there is the "Risk Management Guide for Information Technology Systems" by NIST.
http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/nist800-30.pdf

It introduces kind of a classification:

- Natural Threats - Floods, earthquakes, tornadoes, landslides, avalanches, electrical storms, and other such events.

- Human Threats (general) - Events that are either enabled by or caused by human beings, such as unintentional acts or deliberate actions (sabotage).
 
- Human Threats (IT related) - inadvertent data entry/data destruction, deliberate network based attacks, malicious software upload, unauthorized access to confidential information.

- Environmental Threats - Long-term power failure, pollution, chemicals, liquid leakage.


wmp
0
 
pma111Author Commented:
often known as a risk universe or audit universe
0
 
pma111Author Commented:
Thanks, I will read through I was more after if anyone had conducted a recent risk analysis / risk universe that they would share as a template...
0
 
notacomputergeekConnect With a Mentor Commented:
The State of California has developed this information:
http://www.cio.ca.gov/OIS/Government/risk/toolkit.asp

Of particular interest to you may be the 'Assessment Tool For State Agencies'. Fill this out to see where your organization ranks. Main categories are:
Organizational Reliance on IT
Risk Management
People
Processes
Technology

woolmilkporc already mentioned NIST SP 800-30 and listed the main topics of Business Continutity hazards.
0
All Courses

From novice to tech pro — start learning today.