Manage risks proportionately

People expect a lot from the government. They expect us to protect their legal interests, provide safe and secure services and use our resources efficiently. To meet those expectations, we need to be able to identify and control risk. 

Throughout the development and delivery of digital products and services, project teams must adhere to compliance standards, as outlined in legislation, regulations, policies, contract language and more. Operating outside of these legal boundaries is not only non-compliant, but also risky. 

Risk is the likelihood of an event happening multiplied by the expected impact if it does. Managing risk means having ways to identify, assess and respond to events that could cause negative outcomes. Proper risk management can take the uncertainty out of your work, leaving you free to innovate and focus on serving the community. 

Examples of risk in digital service delivery include: 

  • Project risk from a service being delayed or not meeting its objectives 
  • Legal risk from falling short of legal standards or obligations 
  • Reputational risk from actions that harm public trust in the government 
  • Financial risk from a project going over budget 
  • Privacy risk from a loss of users’ personal information 
  • Security risk from a bad actor gaining access to a system or confidential information 
  • Data risk from a loss of data integrity or quality 
  • Operational risk from service interruptions or natural disasters 

Last updated on