Astana IT University

IT Management IT Risk
Management Course
Final Exam Case study

Presented by Altynay, Rabiga & Nuray

MT-2101
Company overview:
Fortitude Financial Solutions stands as a cornerstone in the
financial services sector, offering a spectrum of banking
and investment products. With a discerning clientele and a
commitment to excellence, the company relies heavily on
its IT infrastructure to deliver seamless services while
complying with regulatory standards.
 Risk Register:
Positive Risks (opportunities): Negative risk (threat):
1. Enhanced technological 1. Technological decay
innovation 2. Regulatory changes
2. Improved employee skills 3. Limited budget impact
3. Reduced costs through
performance profits
4. Positive reputation impact
5. Strategic partnerships
Risk Probability Impact Matrix
Risk Probability Impact Matrix
 Risk Response Strategy
Enhanced Technological Innovation:
Strategy: Make significant investments in
development to profit from new
technologies discovered during the
project.
Tasks:
Set aside funds specifically for research
and development.
Work together with industry leaders
and technological specialists.
Perform studies to determine whether
implementing novel technologies is
feasible.
Time Estimate: 6-12 months
Cost Estimate: $500
Improved employee skills:
Strategy: Put in place a training program to
help staff members become more
knowledgeable about the latest techniques for
managing IT risks.
Tasks:
Determine which specific skill gaps exist
in the workforce.
Create an individualized training
program.
Organize workshops and training sessions.
Time estimate: 3-6 months
Cost estimate: $300
Reduced costs through performance
profits:
Strategy: To reduce costs and streamline
operations, put process optimization
initiatives into action.
Tasks:
·Perform a detailed analysis.
·Determine which areas can be automated
and improved.
·Put efficiency-driven changes into action.
Time estimate: 4-8 months
Cost estimate: $400
Positive reputation impact:
Strategy: Create and carry out a focused
marketing and PR campaign that
emphasizes the effective application of IT
risk management techniques.
Tasks:
·Write an engaging story that highlights
achievements.
·Seek recommendations from influential
people in the industry.
·Make use of social media and other
possibilities for communication.
Time estimate: 6-9 months
Cost estimate: $250
Strategic partnerships
Strategy: Make a concerted effort to establish alliances and
partnerships with IT companies and cybersecurity
companies.
Tasks:
Conduct market research to find possible partners.
Start the conversation and negotiating process.
Create partnerships with mutual benefits.

Time estimate: 9-12 months

Cost estimate: $600
 Risk Response Strategies for Negative Risks

Technological decay: Regulatory changes:

Strategy: To keep up with technology Strategy: Establish a dedicated

developments, set up a system of compliance team to proactively monitor
ongoing observation and updating. and adapt to regulatory changes.

Tasks: Tasks:

Create a watch team for technology. Keep up with changes in regulations.

Evaluate installed solutions for Evaluate the effects of current
relevance on a regular basis. processes.
Prepare and carry out updates as Make the required adjustments to
needed. guarantee compliance.

Time estimate: Ongoing Time estimate: Ongoing

Cost estimate: $200 annually Cost estimate: $150 annually
 Limited budget impact:

Strategy: Within budgetary restrictions, prioritize

important risks and apply a phased method to address
high-priority risks.

Tasks:
Create a phased implementation plan that is
affordable.
Monitor and evaluate your budget regularly.

Time estimate: 12-18 months

Cost estimate: $200
The importance of ongoing risk monitoring and control
mechanisms in IT risk management
Thank
You