City of Munich
Risks? Under Control.
Conducting Threat and Risk Analyses for the City of Munich
Working with the central IT provider for the City of Munich, Computacenter have been conducting threat and risk analyses to help simplify future risk scenarios for the city.
Across the organisations of the City of Munich, various approaches to risk analysis have developed over time. In some cases, no risk management of any kind was conducted due to lack of resources. The City wanted risk management to be conducted consistently across all organisations, as this ensures that results can be compared.
In line with the City’s requirements, Computacenter developed consistent methods for the processing of risk analysis. These methods are based on the resulting hazard and measure catalogues, which are summarised in a questionnaire. In addition, these methods take account of the various security requirements of the City.
Risk management now follows a clearly defined and widely accepted process with standardised methods, which are provided for all organisations by the central IT service provider it@M. A standardised procedure is in place for identifying threats, protective measures and risks. At the same time, responsibilities are clearly defined and analysis results can be compared.
Due to their complex nature, protecting administrative departments is a real challenge. Each organisation also has differing security requirements and needs a specific risk analysis for its specialist area. With our detailed methods, we have developed a viable and consistent risk management system for the City of Munich, which will also meet all future requirements.