IT Risk Management System Design And Implementation

International IT governance is closely related to the five areas of IT value: performance measurement, risk management, resource management, value delivery strategy agreement. Among them, the value delivery and risk management aspects of the proceeds belong to the contents and the value is directly related to IT. IT risk management is executed in order to achieve strategic business objectives in the planning and organization, development and implementation, operation and maintenance process, monitoring and evaluation of IT risk management, and establish and improve IT risk management system, including the organization of IT risk management functions of the system, control systems, management strategies. IT risk management system to achieve the overall objective of risk management is to provide reasonable assurance of the premise and methods. How do IT risk management to identify risks from what, and how to identify risks and how to do IT risk assessment, how to analyze the possibility and consequences of events and so requires the appropriate means and tools. So that it can be done on the basis of effective governance of IT to achieve strategic value.Through research domestic enterprises IT risk management methods currently in use, including to risk identification, risk assessment, risk response and so on, combined with domestic and international best practices and relevant industry standards framework.Build IT risk management models designed for the actual situation of domestic enterprises, to complete a complete IT risk management workflow and metrics evaluation model. Eventually developed to achieve IT Risk Management System.The system uses B / S software architecture, MVC framework, Microsoft SQL Server as database, using the Visual Studio integrated design and development, use Bootstrp build WEB front-end. For IT risk identification, assessment, monitoring, disposal and a series of risk management activities provide convenient tools.The value of this system under the mature management framework is in order to be closer to their business to provide a risk management perspective and IT management tools for enterprise risk management, to facilitate the implementation of IT risk management, breaking information barriers between IT departments and business units, so that enterprises effective use of limited resources to reduce the negative deviation of risks, ensuring the realization of corporate strategic objectives.