Our risk assessment templates are tailored based on best practices and standards for Risk Assessment. This package has Risk Assessment forms, guide, templates, matrix, worksheets, procedures, and standards. Refer to other packages for additional supporting documents for a complete enterprise-wide risk assessment. Our risk assessment templates will help you to comply with following regulations and standards like SOX, FISMA, COOP & COG, HIPAA, FFIEC, Basel II, FDA, and ISO 27002. Following Risk assessment templates package is available to suit your needs.

These risk assessment templates can be used by IT departments of different companies, security consulting companies, healthcare organizations, manufacturing company, servicing companies, educational organizations, financial institutions, law firms, telecommunication companies, pharmaceuticals & biotechnology companies, and others.

Feel free to request a sample before buying.

List of documents in this Risk Assessment templates package.

  1. Conducting a Risk Assessment Guide (15 pages)
  2. Risk Assessment Template (17 pages)
  3. Preventative Measures (6 pages)
  4. Example Completed Risk Assessment Template (17 pages)

Cost: $75

Conducting a Risk Assessment Guide


The purpose of this document is to assist the business to carry out a Risk Assessment, which discovers ongoing risks and threats to the business and put into practice procedures to eradicate or trim down those potential risks. This risk assessment template document endows with guidance on how to conduct the Risk Assessment, evaluate the information that is collected and put into practice strategies that will permit the business to manage the risk. The following documents are available to help the business complete the assessment:

  1. Risk Assessment Template
  2. Risk Assessment Worksheet
  3. Facility RA Findings Report
  4. Executive RA Findings Report
  5. Examples of Preventative Measures

The Risk Assessment is merely a division one of an overall Business Assessment. A Business Assessment is separated into two constituents, Risk Assessment and Business Impact Analysis (BIA). The Risk Assessment is intended to evaluate present vulnerabilities to the business’s environment, while the Business Impact Analysis evaluates probable loss that could result during a disaster. To maximize the Risk Assessment, a Business Impact Analysis should also be completed.

Table of Contents of Conducting a Risk Assessment


Objectives of the Risk Assessment
Risk Assessment Process
What Should Be Included?
Steps to Follow

Identifying Risks / Threats
Probability of Occurrence
Vulnerability to Risk
Potential Impact
Preventative Measures in Place
Insurance Coverage
Past Experiences

Review Interview Notes
Follow-Up Meetings
Report the Results

Creation of Executive Report
Presenting the Results
Next Steps

Senior Management Support
Effective Data Gathering Tools
Key Resources
Critical Data
Executive Report

Appendix A: Risk Assessment Survey
Appendix B: Risk Assessment Worksheet
Appendix C: Facility Risk Assessment Report
Appendix D: Executive Risk Assessment Report
Appendix E: Examples of Preventative Measures

Risk Assessment Template


Due to many regulatory compliance authority regulations, your organization must implement Business Resumption, Business Continuity, and Business Impact Analysis Planning Practices to make sure the protection of data is intact. In order to achieve this undertaking, there are numerous steps that your organization will be carried out to discover critical business functions, processes, and applications that process critical data and to understand the potential impact to the business if a disruptive event occurred.

One of the first steps of implementing the Business Resumption, Business Continuity and Business Impact plan for your organization is to conduct a Risk Assessment (RA). This questionnaire will facilitate you to make out the existing risks and threats to the business and implement procedures to eradicate or trim down those potential risks. Once the survey is completed, the RA Project team will analyze the data and create prioritized risk reduction (mitigation) strategies to present to senior management.

Table of Contents of Risk Assessment Template


Respondent Information
Company Information

Facility Related
Technology Related
Weather Related

Natural Risks / Threats
Man-Made Risks / Threats

Environment Risks / Threats
Facility Risks / Threat

Hazardous Materials
Fire Containment
Emergency Notification, Evacuations, Alarms & Exits
Facility Features, Security, & Access
Data Center (Technologies)

Preventative Measures

The following list contains examples of preventative measures that can be implemented by the company to mitigate the potential risks that currently exist. Some of these activities may be achieved easily, as to where some may take more time and more resources.

Natural Risks

These risks are usually associated with weather-related events: flooding, high winds, severe storms, tornado, hurricane, fire, high winds, snowstorms, and ice storms.

Risk / Threat

Preventative Measures

  1. Move large and heavy objects to the fall to prevent injury (from falling on people.)
  2. Equipment tie-downs are used on all critical computer equipment.
  3. Emergency power is available on-site.
  4. Earthquake construction guidelines have been adhered to so that damage can be minimized.
  5. Critical data and vital records should be backed up and sent offsite for storage.
  6. Staff should be trained in Earthquake evacuations and safety.


Man-Made Risks

These risks are usually associated with the man-made type of events: Bomb threats, vandalism, terrorism, civil disorder, sabotage, hazardous waste, work stoppage (internal/external), and computer crime.

Risk / Threat

Preventative Measures

Staff Productivity Risks
  1. Alternate sources of trained employees have been identified
  2. Proper training and necessary cross-training are conducted
  3. Files are backed up and procedures are documented
  4. The work areas are comfortable and safe


Environmental Risks

These risks are usually associated with exposures from surrounding facilities, businesses, government agencies, etc.

Risk / Threat

Preventative Measures

Hazardous Materials Plant

  1. There is a nightly backup of data processing electronic record and that backup is stored off-site
  2. The off-site backup facility is a sufficient distance away from this facility
  3. An alternate site has been identified for use in the event that this facility is unusable

To view a specific section of this document, please contact us at Bob@supremusgroup.com or call us at (515) 865-4591.

To buy individual template packages, visit following links: