Risk Management
Updated over a week ago

Risk management is considered a key cultural objective of Ballpark as an organisational structure. In achieving this the organisation should treat:

  • Management of risk as a concern of all employees.

  • Management of risk is part of everyone’s normal day to day business

  • The process for managing risk is systematic and logical and should be implemented on a routine basis integrated cross team and in aspects of service delivery.

The Risk Management Policy and its supporting controls, processes and procedures apply to all individuals who have access to Ballpark's information and technologies, including external parties that provide information processing services to Ballpark.

Roles and responsibilities

Ballpark's CTO is considered the chair of the SANS Team and has accountability to the CEO and Ballpark Board for managing risk.

The SANS team will direct the risk benchmarking for the organisation and review the information risk register. They will be involved in assessing and reviewing High risks via the SANS team review sessions.

The CTO is responsible to the CEO and Board for managing the risk assessment process and maintaining an up-to-date risk register. The Data Protection Officer and COO will conduct risk assessments and recommend action for Medium and Low risks, where these can be clearly defined in terms of the Ballpark's base benchmark for risk.

The SANS team is responsible for assessing and reviewing High risks, and will have visibility of the risk register.

Information Asset Owners and department managers must be responsible for agreeing and implementing appropriate treatments to risks under their control. They must also take an active role in identifying and reporting new risks.

Contact details:

CTO: Brendan Moore - [email protected]
COO: Kelsey Traher - [email protected]
SANS Team: [email protected]

Our Risk Management Policy sits alongside our Security Policy, Data Management Policy and Data Protection Policy to provide the high-level outline of and justification for Ballpark's risk-based information security controls.

Revision History

Author: Kelsey Traher, COO

Date of change: May 2022

Summary of changes: Reviewed for accuracy; minor changes

Author: Brendan Moore, CTO

Date of change: Oct 2019

Summary of changes: Initial externalised policy document, outlining Ballpark's internal risk management processes

Did this answer your question?