Skip to main content

About risk assessments

Risk assessments help government organisations in New Zealand to make sure they can understand, prioritise and manage security risks.

Importance of business and technical contexts

To accurately identify, analyse, prioritise and manage the risks to an information system, you’ll need to know its:

Knowing these contexts allows you and the stakeholders to be sure you know the business objectives and the factors, both internal and external, that influence the risks. For these reasons, they are key starting points for risk assessments.

Importance of risk assessments

It’s essential that NZ government organisations assess the risks for all information technologies they adopt.

Information systems and risk assessments

Risk assessments, as outlined on, focus on information systems in government organisations.

Setting up a successful risk assessment

Information systems

Information systems are sets of technology components that work together to store, process and send information. Cloud services are also information systems.

Information system — National Institute of Standards and Technology

Risk assessments follow risk management standards and methodologies

The process for assessing risks is aligned with and based on the following risk management standards from Standards New Zealand.

The risk assessment process also draws from methodologies in risk assessment from:

Utility links and page information

Was this page helpful?
Thanks, do you want to tell us more?

Do not enter personal information. All fields are optional.

Last updated