Professional Documents
Culture Documents
Detriment,
disadvantage, or deprivation from failure to keep, have, or get: to bear the loss of a robbery The state of being deprived of or of being without something that one has had.
Perils- such as fire, explosion etc Human factors- such as negligence, carelessness, inadequate training, inadequate supervision etc. Inadequate maintenance Failure of Plant/ machinery due to breakdowns Natural perils such as flood, cyclone, earthquake, landslide etc
conditions which are favourable for the incident to assume large proportions More the potential severe will be the extent of loss
Property losses Losses to human resources Liability losses Loss from external economic forces
Drop
Risks are internal & external events (economic conditions, staffing changes, new systems, regulatory changes, natural disasters, etc.) that threaten the accomplishment of objectives. Risk assessment is the process of identifying, evaluating, and deciding how to manage these events
What is the likelihood of the event occurring? What would be the impact if it were to occur? What can we do to prevent or reduce the risk?
7
Determine
company Discover every possible risk factor that may be associate with
Own activities of the organisation Political, social, legal and physical environment in which it operates
Loss/Risk Identification
Risk Perception Exposure Analysis/Identification of Peril
No
single method can reveal all the losses Select the most promising method within the budget constraints Risk identification must be an ongoing process
Reveals various facts about: Nature and extent of the organisation activities Inter-dependencies between various parts of the organisation Breakdown of organisation into cost centres to take risk financing decisions People participating in risk handling decisions Any organisational weaknesses
Data
required for valuation of assets Data for quantifying inter-dependencies Details of financial arrangement Past costs of losses
Other Records After sales servicing records pointing dangerous defects in products.
Flow Charts Pinpoint potential bottlenecks Reveal vulnerability of the business to risk
Developed by economists for tracing the flow of good and services through economy and to identify: Contribution of an organisation to total earnings Exposure of an organisation to risks of disruption of its business
Check
Lists
Threat
Analysis
Hazard
Examine the whole process to identify potential deviations, their causes & possible consequences
Fault
Tree Analysis
Examine causal relationship between the failure of some sub-system Assist in calculating the probability of the loss producing event
Five Steps include: 1. Assign Values to Assets: 2. Determine Loss due to Threats & Vulnerabilities
3. 4.
5.
Treat Risk
IT-Related: Information/data, hardware, software, services, documents, personnel Other: Buildings, inventory, cash, reputation, sales opportunities
What is the value of this asset to the company? How much of our income can we attribute to this asset? How much would it cost to recover this? How much liability would we be subject to if the asset were compromised?
Costs
Sales
Intangible: High/Med/Low Replacement Cost= Cost of loss of integrity= Cost of loss of availability= Cost of loss of confidentiality= Replacement Cost= Cost of loss of integrity= Cost of loss of availability= Cost of loss of confidentiality= Replacement Cost= Cost of loss of integrity= Cost of loss of availability= Cost of loss of confidentiality=
Product C
Natural: Flood, fire, cyclones, rain/hail/snow, plagues and earthquakes Unintentional: Fire, water, building damage/collapse, loss of utility services, and equipment failure Intentional: Fire, water, theft Intentional, non-physical: Fraud, hacking, identity theft, malicious code, social engineering, phishing, denial of service
System Vulnerabilities
Misinterpretation:
Poorly-defined procedures, Disgruntled employee, employee error, uncontrolled processes, Insufficient staff, poor network design, Inadequate mgmt, improperly configured Inadequate compliance equipment enforcement
Behavioral:
Coding Problems:
Security ignorance, poorly-defined requirements, defective software, unprotected communication
Physical Vulnerabilities:
Fire, flood, negligence, theft, kicked terminals, no redundancy
Best sources: Past experience Specialists and expert advice Market research & analysis Experiments & prototypes If no good numbers emerge, estimates can be used, if management is notified of guesswork
Qualitative: Prioritizes risks so that highest risks can be addressed first Based on judgment, intuition, and experience May factor in reputation, goodwill, nontangibles Quantitative: Measures approximate cost of impact in financial terms Semiquantitative: Combination of Qualitative & Quantitative techniques
Loss
usually involves investment of resources (Funds, Efforts or Time) for optimal level of loss
Considerations
control:
BENEFITS
Loss
Prevention
Loss
Avoidance
Loss
Reduction
Carrying
out of numerous activities that minimize expected losses by reducing the frequency of losses (loss prevention).
For
e.g. Family building a fence around their yard to protect their child, OR
Manufacturing
of safer products by
businesses.
Completely
avoiding the activity that potentially gives rise to the loss. leads to the sacrifice of benefits from the activity that gave rise to the potential loss. e.g. in 1980s, many small airplane manufacturers went out of business to avoid law suits.
It
For
, which decrease the magnitude of a loss if one occurs. For e.g. investment in Fire Extinguishers reduces magnitude of loss by fire, but it cant prevent it. which occur subsequent to an event that causes a loss. For e.g. placing plywood over windows that were broken in a storm can reduce subsequent water damage and theft losses.
Post-Loss Activities,
CATASTROPHE PLANNING
A type
of Pre-Loss reduction activity to reduce the magnitude of losses, both Natural- Hurricanes, Earthquakes, Tsunamis etc Man Made Nuclear Accidents, Chemical Spills etc
Local,
State and Federal Governments, as well as many Organizations have detailed plans of evacuation, medical treatment, power restoration and cleanup.
In
situations where premiums accurately reflect loss control activities, insurance coverage can reduce moral hazards.
e.g. a restaurant will have greater incentive to install flooring material that reduces slips and falls, if its insurance premiums are reduced following installation of new flooring.
For
THANK YOU