13/07/2020

How to conduct an IT risk assessment

Our work habits have changed dramatically over the past few months but are you sure your business is protected from malicious attacks taking advantage of the disruption? The best way to safeguard your business from potential threats is to carry out an IT risk assessment. Our IT support team has put together a quick checklist to help you identify all possible vulnerabilities to your business’s security. 

List all possible IT vulnerabilities 

The very first thing to do when carrying out a risk assessment is to make a physical document of all the places your IT network could be vulnerable to attacks, such as ransomware, phishing or loss of physical data storage. An example of this is finding out how your employees deal with receiving an email from an unknown sender or how you secure your sensitive data. 

Analysis of the risks

Once you have identified areas of risk, you need to analyse each specific threat in terms of the nature of the attack; how likely it is to happen, and how much damage it could cause to your business. Don’t forget to ask your staff to help as they may have faced issues that hadn’t occurred to you. 

Understand how IT issues affect other areas

A cyber attack affects more than just the targeted area of your network. If left unchecked, it can begin to affect other areas of your business, such as compliance to data laws and productivity, as it spreads through your system. So, as well as identifying the types of threats you face, consider how each will affect your business on a larger scale and what steps you need to take to minimise damage. 

Write a report of your findings and recommendations 

Once you have completed the assessment, you will then need to create a report detailing your findings, your recommendations and strategy for how you will protect your business in the event the worst should happen. 

Notify staff of your risk assessment & findings

Share your findings with your employees to help them understand their cyber security duties and the important role they play in keeping the business, and their jobs, safe and secure. It will also make them aware of the types of threats they are facing and so become even more vigilant when accessing your IT network. 


If your risk assessment highlights several areas of concern or you’re not confident in your IT skills, get in touch with Treken today on 01202 612333.

 Our expert IT support team continually monitor your server and network to keep your business secure from IT threats whether you are currently working from home or in the office – in fact, we often know about threats before you do!