How can I manage the risks associated with ICT?

Potential risks related to ICT include risks to security, health and safety and financial stability. Information and valuable equipment may be lost, damaged or stolen. Or unauthorised people may gain access to sensitive information. Charities above a certain size must carry out risk assessments and may need to take technical advice to address ICT-related issues.

Risk assessment can be broken down into several phases:

  • Identify the risk. What can go wrong e.g. loss of accounts/finance records;
  • Evaluate the risk. How likely it is to occur e.g. high, medium, low likelihood;
  • Analyse the risk. What would be the consequences if the risk did occur e.g. unable to produce/monitor finances and budget if accounting records lost;
  • Manage the risk. Once the risk factors have been established, put systems, policies and procedures in place to minimise the effects of the risk should it occur e.g. back-up systems.

These issues must be considered by senior managers and trustees, and policies and practises will need to be in place to reflect the risks identified.

For more information visit:

Download the Lasa ICT Security Guide.

Comments are closed.

Not the answer you were looking for?

Try looking in these topics...All Questions, Data Protection, Planning, Policy, Risk Management, Security, Trustees

Search for an answer

Produced by the Regional ICT Champions who were a Capacitybuilders funded project coordinated by NAVCA from 2008 to 2011