Research and identify three IT-related Risk Management Plans and list your references to the three plans you found. Then identify 10 important components of an IT Risk Management Plan and define these components as well as their importance in an organization. The submitted document should not exceed two pages in length. Solution The three IT related risk management plans are as follows: Following are the components of an IT related risk management plan: System characterization: System characterization comprises of identification and listing of the characteristics of a system. This helps the analysts to identify any bug easily in case of malfunctioning. The various characteristics of a system can be its need, functional requirement, mission, goal, network, security controls etc. Threat identification: This refers to identification of the types of threats a system can face in an organization. The system is designed in such a way that it is able to identify the threats that might be harmful for the system that is being used. Hacking, viruses, data compromise are some of the threats that are faced by systems in an organization. Vulnerability identification: This involves identification of those areas that are vulnerable for a system. The vulnerable areas are required to be monitored closely. Control analysis: This involves controlling various functions that are related with a system and controlling them so that the system works in the way as required by a company. Likelihood determination: Likelihood determination relates with determining the likeliness that a threat may be damaging for the system. There might be likelihood that the threat might be high, medium or low as far as the likelihood of the threat from a bug is concerned. Impact analysis: This component analyzes the impact of potential threat from vulnerability. The impact analysis requires taking into account the importance of the system. In case of critical system the impact from vulnerability would be high. Risk determination: This involves determining the amount of risk involved in a system. This allows the system analysts to formulate the plans accordingly. Control recommendation: The component requires that there should be recommendations in place that would require controlling of the system so that the system works optimally and gives the desired results. Results documentation: There should be a document that should contain all the details that are related with the results that are to be provided by the system..