...
Risk Management Domain Schema
Cross-Domain Relationship Mappings
Risk-Strategy Relationship Schema
...
| Code Block |
|---|
{
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "Risk-Capability Relationship Schema",
"description": "Schema for relationships between Risk Management domain and Capability domain",
"type": "object",
"required": ["relationshipID", "riskID", "title", "relationshipType"],
"properties": {
"relationshipID": {
"type": "string",
"description": "Unique identifier for this relationship"
},
"riskID": {
"type": "string",
"description": "ID of the risk element"
},
"title": {
"type": "string",
"description": "Name of the capability"
},
"relationshipType": {
"type": "string",
"description": "Nature of the relationship",
"enum": ["risk-to-capability", "capability-to-risk", "mitigating-capability", "risk-generating-capability", "impacted-capability", "interdependent", "other"]
},
"relationshipStrength": {
"type": "integer",
"description": "Importance of this relationship (1-5)",
"minimum": 1,
"maximum": 5
},
"riskImpact": {
"type": "object",
"description": "How risk impacts capability",
"properties": {
"impactDescription": {
"type": "string",
"description": "Description of impact"
},
"impactSeverity": {
"type": "string",
"description": "Severity of impact",
"enum": ["minimal", "moderate", "significant", "severe", "critical"]
},
"impactScenarios": {
"type": "array",
"description": "Specific impact scenarios",
"items": {
"type": "string"
}
}
}
},
"capabilityControls": {
"type": "array",
"description": "Controls within capability addressing risk",
"items": {
"type": "object",
"properties": {
"controlDescription": {
"type": "string",
"description": "Description of control"
},
"controlEffectiveness": {
"type": "string",
"description": "How well control works",
"enum": ["ineffective", "partially-effective", "effective", "highly-effective", "not-assessed"]
},
"implementationStatus": {
"type": "string",
"description": "Status of implementation",
"enum": ["not-implemented", "planning", "in-progress", "implemented", "verified"]
}
}
}
},
"capabilityGaps": {
"type": "array",
"description": "Capability gaps increasing risk",
"items": {
"type": "object",
"properties": {
"gapDescription": {
"type": "string",
"description": "Description of gap"
},
"riskContribution": {
"type": "string",
"description": "How gap contributes to risk"
},
"remediation": {
"type": "string",
"description": "Plan to address gap"
}
}
}
},
"performanceMetrics": {
"type": "array",
"description": "Metrics for measuring risk impact on capability",
"items": {
"type": "object",
"properties": {
"metricName": {
"type": "string",
"description": "Name of metric"
},
"metricDescription": {
"type": "string",
"description": "What metric measures"
},
"currentValue": {
"type": "string",
"description": "Current measurement"
},
"targetValue": {
"type": "string",
"description": "Target value"
}
}
}
},
"improvementInitiatives": {
"type": "array",
"description": "Initiatives to improve capability for risk management",
"items": {
"type": "object",
"properties": {
"initiativeDescription": {
"type": "string",
"description": "Description of initiative"
},
"expectedOutcome": {
"type": "string",
"description": "Anticipated result"
},
"status": {
"type": "string",
"description": "Current status",
"enum": ["proposed", "approved", "in-progress", "completed", "canceled"]
}
}
}
},
"dependencyRisks": {
"type": "array",
"description": "Risks arising from capability dependencies",
"items": {
"type": "object",
"properties": {
"dependencyType": {
"type": "string",
"description": "Type of dependency"
},
"dependentEntity": {
"type": "string",
"description": "What capability depends on"
},
"riskScenario": {
"type": "string",
"description": "Risk scenario created by dependency"
}
}
}
}
}
}
|
Strategic Response Model Integration
Risk-Related Strategic Responses Schema
| Code Block |
|---|
{
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "Risk-Related Strategic Responses Schema",
"description": "Schema for risk-related strategic responses in the Strategic Response Model",
"type": "object",
"required": ["responseID", "responseTitle", "responseDescription", "triggerReferences", "rationaleReferences"],
"properties": {
"responseID": {
"type": "string",
"description": "A unique identifier for the strategic response"
},
"responseTitle": {
"type": "string",
"description": "A concise title summarizing the strategic response"
},
"responseType": {
"type": "string",
"description": "The classification of the response",
"enum": ["Risk_Prevention", "Risk_Mitigation", "Risk_Transfer", "Risk_Acceptance", "Control_Enhancement", "Incident_Response", "Business_Continuity", "Compliance_Program", "Risk_Governance"]
},
"responseDescription": {
"type": "string",
"description": "A detailed explanation of the strategic response, its objectives, and scope"
},
"riskIDs": {
"type": "array",
"description": "Risk elements this response addresses",
"items": {
"type": "string"
}
},
"triggerReferences": {
"type": "array",
"description": "An array of triggerIDs that initiated this strategic response",
"items": {
"type": "string"
}
},
"rationaleReferences": {
"type": "array",
"description": "An array of rationaleIDs providing justification for this response",
"items": {
"type": "string"
}
},
"performanceIndicatorReferences": {
"type": "array",
"description": "Metrics or KPIs that will be used to measure the success of the strategic response",
"items": {
"type": "string"
}
},
"riskOutcomes": {
"type": "array",
"description": "Specific risk management outcomes resulting from this response",
"items": {
"type": "object",
"properties": {
"outcomeDescription": {
"type": "string",
"description": "Description of risk outcome"
},
"targetRiskLevel": {
"type": "string",
"description": "Desired risk level after response",
"enum": ["very-low", "low", "moderate", "high", "very-high"]
},
"measurementApproach": {
"type": "string",
"description": "How outcome will be measured"
}
}
}
},
"implementedControls": {
"type": "array",
"description": "Risk controls implemented by this response",
"items": {
"type": "object",
"properties": {
"controlName": {
"type": "string",
"description": "Name of control"
},
"controlDescription": {
"type": "string",
"description": "Description of control"
},
"controlType": {
"type": "string",
"description": "Type of control",
"enum": ["preventive", "detective", "corrective", "directive", "other"]
},
"implementationStatus": {
"type": "string",
"description": "Status of implementation",
"enum": ["planned", "in-progress", "implemented", "effective", "ineffective"]
}
}
}
},
"affectedDomains": {
"type": "array",
"description": "A list of business architecture domains impacted by this response",
"items": {
"type": "string",
"enum": ["Risk", "Strategy", "Capability", "Product", "Service", "Value_Stream", "Performance", "Information", "Organization", "Initiative", "Customer", "Market", "Finance"]
}
},
"implementationPlan": {
"type": "object",
"description": "Plan outlining how the response will be executed",
"properties": {
"phaseApproach": {
"type": "string",
"description": "Phasing of implementation"
},
"keyActivities": {
"type": "array",
"description": "Major implementation activities",
"items": {
"type": "string"
}
},
"resources": {
"type": "string",
"description": "Resources required for implementation"
},
"governanceStructure": {
"type": "string",
"description": "Governance over implementation"
}
}
},
"riskMonitoring": {
"type": "array",
"description": "Ongoing risk monitoring approaches",
"items": {
"type": "object",
"properties": {
"monitoringMethod": {
"type": "string",
"description": "Method for monitoring"
},
"keyIndicators": {
"type": "array",
"description": "Indicators being monitored",
"items": {
"type": "string"
}
},
"frequency": {
"type": "string",
"description": "How often monitoring occurs",
"enum": ["continuous", "daily", "weekly", "monthly", "quarterly", "annually", "event-driven"]
}
}
}
},
"expectedOutcomes": {
"type": "string",
"description": "A description of the anticipated results or benefits from implementing the response"
},
"responsibleOrgUnits": {
"type": "array",
"description": "Organisation units accountable for executing the strategic response",
"items": {
"type": "string"
}
},
"startDate": {
"type": "string",
"format": "date",
"description": "The planned start date for implementing the strategic response"
},
"endDate": {
"type": "string",
"format": "date",
"description": "The planned completion date for the strategic response"
},
"status": {
"type": "string",
"description": "The current status of the strategic response",
"enum": ["Planned", "In_Progress", "Completed", "Deferred", "Cancelled"]
},
"lastUpdated": {
"type": "string",
"format": "date",
"description": "The date when the strategic response record was last updated"
},
"residualRiskAssessment": {
"type": "string",
"description": "Assessment of risk remaining after response implementation"
},
"strategicThemes": {
"type": "array",
"description": "An array of strategic priorities that this initiative supports",
"items": {
"type": "string"
}
}
}
}
|
Risk Management Domain Schema Properties
...