
RISK MANAGEMENT

Introduction
• Risk is defined in ISO 31000 as the effect of uncertainty on objectives (whether positive or negative).
• Risk management can therefore be considered the identification, assessment, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize
Principles
1)create value.
2)be an integral part of organizational processes.
3)be part of decision making.
4)explicitly address uncertainty.
5)be systematic and structured.
6)be based on the best available information.
7)be tailored.
8)take into account human factors.
9)be transparent and inclusive.
10)be dynamic, iterative and responsive to change.
11)be capable of continual improvement and enhancement.
Methods
1.Identify, characterize, and assess threats
2.Assess the vulnerability of critical assets to specific threats
3.Determine the risk (i.e. the expected consequences of specific types of attacks on specific assets)
4.Identify ways to reduce those risks
5.Prioritize risk reduction measures based on a strategy
6.
Process
• Establishing the context
• Identification
• Assessment
• Potential Risk Treatments

1-Establishing The Process
1.Identification of risk in a selected domain of interest
2.Planning the remainder of the process.
3.Mapping out the following:
A.the social scope of risk management
B.the identity and objectives of stakeholders
C.the basis upon which risks will be evaluated, constraints.
4.Defining a framework for the activity and an agenda for identification.
5.Developing an analysis of risks involved in the process.
6.Mitigation of risks using available technological, human and organizational resources.
2-Identification
1.Source Analysis
2.Problem Analysis
3.Objectives Based Analysis
4.Scenario Based Analysis
5.Taxonomy Based Analysis
6.Common Risk Checking
7.Risk Charting
3-Assessment
1.Determine the Rate of Occurrence
2.Asset Valuation
3.The most common formula: Rate of Occurrence × Impact of Events = Risk
4-Potential Risk Treatments
1.Avoidance (eliminate)
2.Reduction (mitigate)
3.Sharing (outsource or insure)
4.Retention (accept and budget)
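The assessment formula and the four treatments above, worked through on a small risk register as an added example (not part of the original slides). The register entries, the candidate measures, the risk appetite of 5000 and the decision rule that maps a risk to a treatment are all constructed assumptions for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Risk:
    """One register row: asset valuation plus rate of occurrence (assumed figures)."""
    name: str
    asset_value: float   # value of the asset
    rate: float          # expected events per year
    impact: float        # fraction of asset value lost per event

    def exposure(self) -> float:
        # Slide formula: Rate of Occurrence x Impact of Events = Risk
        return self.rate * self.asset_value * self.impact

@dataclass(frozen=True)
class Measure:
    """A candidate risk reduction measure and its effect on one risk (assumed)."""
    risk: str
    name: str
    annual_cost: float
    rate_factor: float    # residual rate as a fraction of the original
    impact_factor: float  # residual impact as a fraction of the original

def residual_exposure(r: Risk, m: Measure) -> float:
    return r.exposure() * m.rate_factor * m.impact_factor

def net_benefit(r: Risk, m: Measure) -> float:
    """Risk removed per year minus the measure's annual cost (economical use of resources)."""
    return (r.exposure() - residual_exposure(r, m)) - m.annual_cost

def rank_measures(risks, measures):
    """Prioritize risk reduction measures by net benefit, highest first."""
    by_name = {r.name: r for r in risks}
    scored = [(net_benefit(by_name[m.risk], m), m) for m in measures]
    return [m for _, m in sorted(scored, key=lambda t: t[0], reverse=True)]

def suggest_treatment(r: Risk, measures, appetite: float) -> str:
    """Assumed decision rule: retain if within appetite, reduce if a measure pays
    for itself, otherwise escalate to sharing (insure/outsource) or avoidance."""
    if r.exposure() <= appetite:
        return "Retention"
    if any(net_benefit(r, m) > 0 for m in measures if m.risk == r.name):
        return "Reduction"
    return "Sharing or Avoidance"

REGISTER = [  # constructed sample register
    Risk("customer database / ransomware", 500_000, 0.2, 0.6),
    Risk("public website / defacement", 20_000, 1.0, 0.1),
    Risk("laptop fleet / theft", 100_000, 2.0, 0.05),
    Risk("legacy payment gateway / outage", 300_000, 0.1, 1.0),
]
MEASURES = [  # constructed candidate measures
    Measure("customer database / ransomware", "offline backups", 8_000, 1.0, 0.25),
    Measure("customer database / ransomware", "endpoint detection", 30_000, 0.5, 1.0),
    Measure("laptop fleet / theft", "full-disk encryption", 3_000, 1.0, 0.2),
    Measure("public website / defacement", "web application firewall", 5_000, 0.5, 1.0),
]
RISK_APPETITE = 5_000.0  # assumed: exposure at or below this is simply accepted and budgeted
```

Running `rank_measures(REGISTER, MEASURES)` puts offline backups first, and `suggest_treatment` yields Retention for the website, Reduction for the database and laptops, and Sharing or Avoidance for the gateway, which has no cost-effective measure.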

Post Procedures
• Risk Avoidance
• Risk Reduction
• Risk Retention
• Risk Sharing
• Create a Risk Management Plan
• Implementation
• Review & Evaluation
Areas Of Risk Management
• Enterprise Risk Management
• Risk Management activities related to Project Management
• Risk Management & Business Continuity
• Risk Communication



Thank you