The report, “Executive’s guide to IT innovation in small businesses,” was published this month. For IT issues, the guide suggests a risk management approach that includes classifying potential risks into categories, assessing the likelihood of occurrence for each risk, and mitigating risks, which includes tracking past and current risk assessment and mitigation.
The guide also suggests creating a “risk register” that describes the risk categories and typical risk mitigation measures. The register would also include a list of risk assessments, allowing for a quick overview of completed, archived or in-progress risk management tasks.
The IT risk assessment is on page 22 of the report. Here is the link to the report (free registration may be required).