Department/Team

Enter department responsible for assessment.

Date of Assessment

Assessor Name

IT Asset/Process Assessed

Specify the system, software, or process being evaluated.

Risk Identified

Describe potential threats (e.g., cyberattack, data breach, hardware failure).

Likelihood

Rate how likely the risk is to occur.

• Low

• Medium

• High

Impact

Assess the potential damage if the risk materializes.

• Low

• Medium

• High

Risk Level

Determine overall risk level based on likelihood and impact.

• Low

• Medium

• High

Current Controls in Place

List any existing measures to manage or mitigate the risk.

Additional Actions Required

Outline further steps needed to reduce the risk.

Completion Date for Actions

Set deadlines for completing additional measures.

Risk Re-assessment Date