Loading presentation...

Present Remotely

Send the link below via email or IM


Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.


Risk Assessement

No description

Love Pro Evo

on 13 September 2012

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Risk Assessement

Team Flow Chapter 3: Risk management is a business process used to manage all kinds of risks facing business nowadays What is Risk Management? Why Risk Assessment? Jay
Nikki What is Risk? Risk = Threat + (Likelihood + Vulnerability) + Impact Four Phases of Risk Assessment Threat Assessment Vulnerability Assessment Impact Assessment Risk Mitigation Strategy Development Risk Assessment First step of Risk Management
Commonly used by most businesses Thank You Caused by natural phenomenon and found in the environment
Linked to geological boundaries Natural and Environment Threats Two Ways of Approach

Value Based Language Quantitative Qualitative Greater impacts than any other natural hazard
Produces a complex web of impacts that spans many sectors of the economy and reaches well beyond the area experiencing physical drought Drought Defined as severe cyclones, or revolving storms, originating over the equatorial regions of the Earth
Accompanied by torrential rain, lightning, and winds with a speed greater than 74 miles per hour Hurricanes/ Typhoons/ Cyclones specific & measurable numbers can be converted to annual number People: Loss of lives, injuries, drowning
Process: Business disruptions, Loss of records and Power outages
Technology: Damages to equipment and IT system
Infrastructure: Structural damages Impacts Impact Threat Source People: Loss of lives and home, injuries
Process: Business disruptions and destruction
Technology and Infrastructure: Significant damages to IT system, buildings, as well as transportation system. Impacts THREAT Threat
Likelihood Impact
Cost Vulnerability Human-made Threats IBM Customized Scale 80% Numeric
1 Frequency
Very Frequently
Very Infrequently
Never About a quarter (24.14%) of the Continental U.S. is now in ‘Extreme’ or ‘Exceptional’ drought (D3 – D4),
a rise of about 2 percent since July 31, and nearly a half (46.01%) of the country is experiencing ‘Severe’ to ‘Exceptional’ drought levels (D2 – D4), Impact Financial Employees and staff Example Including long-term and short-term impacts
People: Population shifting, reduced life quality
Process: loss or reduction of the ability to produce goods and/or provide services. Impacts Power outage occurs once every four years 25% chance of a power outage /year Operational Cyber Threats Example Characterized by relatively high water flow that spills over the natural or artificial banks.
Highly linked to geological boundaries Floods THREAT ASSESSMENT
METHODOLOGY Theft, Sabotage & Vandalism Labor Disputes Workplace Violence Terrorism Chemical / Biological Hazards Wars Infrastructure
Threats Building-specific Failures
Public transportation disruption
Loss of utilities
Petroleum or oil shortage
Food or water contamination
Regulatory or legal changes Vulnerability
Assessment Definition Understanding weakness, susceptibility, or exposure to hazards or threats 1. It can be exploited intentionally or triggered unintentionally

2. It includes IT, but is not limited to only IT.
Other external factors need to be accounted for in order to ensure completeness. Assessment Research Areas
Impact on company staff and the surrounding community
Understand how adaptable the business proccesses are.
It is unlikely to be business as usual after a disaster!
Recognizing the need to go beyond conventional IT security
e.g. passwords Four Major Types of Tools
To Assess Threats Questionnaires
Document Reviews
In-house and external that company is dependent on e.g. an airport Vulnerability assessment Analysis with interim
risk values Business impact analysis Resultant Document List 1. All potential threat sources 2. Likelihood of each component 3. Vulnerability of company and IT 4. Interim risk value to
each component Power Outage Lightning
Strike Power out in entire facility for two business days Threat
Likelihood Vulnerability Impact
~ 25 % chance of power outage in every year = 0.25 1. Assess the likelihood of occurence 2. Assess your vulnerability
everytime there is a power outage, your power goes out
~100 % chance of power going out when lightning strikes = 1 RISK VALUE = 0.25 x 1 = 0.25 Lost Sales per day
$18,000 Fixed Costs per day
$4,200 Damage to Reputation
$ 4,000 Impact Power out in entire facility
for two business days IMPACT COSTS = $36,000 + $ 8,400 + $ 4,000 = $48,000 Power Outage Lightning
Strike Power out in entire facility for two business days Threat
Likelihood Vulnerability Impact
Cost 0.25 x 1 $36,000+$8,400+$4,000=$48,400 Total Annualized Risk Cost of Power Outage
Due to Lightning Strike = $ 12,100 0.25 x $48,000 = $ 12,100 Impact
Extremely high
Very high
Very low
Extremely low People Process Technology Infrastructure Questions ? Summary What is Risk?
Relationship between Risk Management and Risk Assessment
Type of Threats and Impacts
Threat Assessment Methodology
Vulnerability Assessment
Full transcript