With a view to ongoing improvement, enterprises must carry out actions to eliminate non-compliance causes with respect to IT requirements to prevent their reoccurrence.

HOPEX IT Risk Management is used to specify, implement and follow up action plans defined for treating risks. Treating risks also consists of selecting and implementing controls aimed at reducing the risk.

The IT RM Manager defines the action plans for controlling IT risks and allocates actions to the application owners responsible for implementing these plans.