diff --git a/Processes/COSO/Risk Management/Risk Register.md b/Processes/COSO/Risk Management/Risk Register.md index d0e36d7..2e783b1 100644 --- a/Processes/COSO/Risk Management/Risk Register.md +++ b/Processes/COSO/Risk Management/Risk Register.md @@ -2,7 +2,7 @@ The risk register is a central repository to describe and track risks as well as record actions. It includes information for each risk such as risk category, likelihood, consequence, mitigation measures, risk owner and documentation of changes. -| Risk No. | R | Category | Risk Event | L | C | O | Mitigation Strategy | L* | C* | Changes | Comments | ES | EY | +| No. | R | Category | Risk Event | L | C | O | Mitigation Strategy | L* | C* | Changes | Comments | ES | EY | | -------- | ---- | ---------------- | ------------------------------------------------------------ | ---- | ---- | ---- | ------------------------------------------------------------ | ---- | ---- | ------- | ------------------------------------------------------------ | ---- | ---- | | 1 | DE | Operational Risk | Loss of source code | 1 | 5 | | Avoiding: Store source code in cloud (github). At least one local developer PC and project server. | | | | | yes | yes | | 2 | DE | Operational Risk | Source code leak | 5 | 1 | | Controlling: The programming language is compiled at runtime. The value of the software lies in the updates, support and licenses. | | | | Many companies transferred the revenue model to subscriptions (e.g. Adobe, Microsoft) in order to avoid similar problems. | yes | yes |