Risk Assessment Policy

1.0 Purpose

The purpose of this policy is to establish guidelines for identifying and managing risks that may impact SQETCH Studio's business operations, assets, and employees.

2.0 Scope

This policy applies to all employees, contractors, and consultants who work for SQETCH Studio.

3.0 Risk Assessment Process

SQETCH Studio will conduct regular risk assessments to identify and evaluate potential risks to the business. The risk assessment process will include the following steps:

1. Identify Risks: SQETCH Studio will identify potential risks to its business operations, assets, and employees, including risks related to information security, physical security, financial, legal, regulatory compliance, and reputation.

2. Assess Risks: SQETCH Studio will assess the likelihood and potential impact of identified risks to prioritize and manage them effectively.

3. Mitigate Risks: SQETCH Studio will develop and implement measures to mitigate identified risks, including risk transfer, risk avoidance, risk reduction, and risk acceptance.

4. Monitor and Review Risks: SQETCH Studio will monitor and review the effectiveness of its risk mitigation measures and adjust them as needed to ensure ongoing risk management.

4.0 Roles and Responsibilities

The following roles and responsibilities are defined for the risk assessment process:

a. The IT Lead will lead the risk assessment process and work with other departments to identify and assess potential risks to the business.

b. All employees, contractors, and consultants are responsible for reporting any potential risks to the IT Lead or their supervisor.

5.0 Compliance

Failure to comply with this policy may result in disciplinary action, up to and including termination of employment.

Last Update: January 2023