Risk - Prelim

Cards (54)

  • Potential for harm
    Situation involving exposure to danger
  • Risk Management
    Possibility of something bad happening
  • Risk management
    • Coordinated activities to direct and control an organization with regard to risk
    • The process to eliminate, reduce and control risk
    • Identifying, analyzing, measuring, monitoring and controlling risk
    • Reducing the negative and emerging opportunities
    • Achievement of business strategy and objectives
  • Risk assessment
    1. Risk identification
    2. Risk analysis
    3. Risk evaluation
  • Risk identification
    • Find the risk
    • Recognize the risk
    • Describe the risk
  • Risk analysis
    • Comprehend the nature of risk
    • Characteristics
    • Sources
    • Consequences
    • Likelihood
    • Scenario
  • Risk evaluation
    Support fact-based and science-based decisions
  • Risk response planning
    Treat the risk
  • Risk analysis
    Step where you take your Project Risk Register and use it to monitor, track and review risks
  • Risk management principles (PNS ISO 31000:2018)
    • Integrated
    • Structured and comprehensive
    • Customized
    • Inclusive
    • Dynamic
    • Use best available information
    • Consider human and cultural factors
    • Continual improvement
  • Risk assessment
    1. Systematic
    2. Iterative
    3. Collaborative
  • Risk identification
    Find, recognize and describe the risks that might help or prevent an organization from achieving its important objectives
  • Factors in risk identification
    • Tangible and intangible sources of risk
    • Causes and events
    • Threats and opportunities
    • Vulnerabilities and capabilities
    • Changes in the external and internal context
    • Indicators of emerging risks
    • The nature and value of assets and resources
    • Consequences and their impact on objectives
    • Limitations of knowledge and reliability of information
    • Time-related factors
    • Biases
    • Assumptions
    • Beliefs of those involved
  • Types of risk
    Result in positive or negative outcomes; uncertainty will always exist
  • Risk categorized (Hopkin 2018)
    • Compliance (mandatory) risk
    • Hazard risk
    • Control risk
    • Opportunity risk
  • Compliance (mandatory) risk
    Involve government-mandated licenses and business permits and requirements
  • Compliance (mandatory) risk
    • Business clearance, Insurance, Internal revenue, Security exchange
  • Hazard risk
    Prevent and deter the achievement of the company's goals, missions, and objectives
  • Hazard risk
    • Fire, Typhoon, Flood, Earthquake, Injury
  • Control risk
    Uncertainty or doubt about the ability to achieve the company's goals, missions, and objectives
  • Control risk
    • Mechanisms, Rules, Procedures to Prevent Fraud
  • Opportunity risk
    • Deliberately sought or embraced by the organization
    • Seeking to enhance the achievement of goals, missions, and objectives
  • Opportunity risk
    • Buying new property, Selling new products and services, moving a business to a different location
  • Risk assessment and risk analysis
    Comprehend the nature of risk and its characteristics, where appropriate, the level of risk
  • An event can have multiple causes and consequences and can affect multiple objectives
  • Analysis techniques
    • Qualitative
    • Quantitative
    • Combination of qualitative and quantitative
  • Qualitative risk analysis
    • Process of evaluating and rating
    • Goal is to come up with a short list of risks that need to be prioritized above others
  • Quantitative risk analysis
    • Process of calculating risk based on data gathered
    • Goal is to further specify how much the impact of the risk will cost the business
  • Qualitative risk analysis
    Based on a person's perception or judgment
  • Quantitative risk analysis
    Based on verified and specific data
  • Risk analysis factors
    • Likelihood of events and consequences
    • Nature and magnitude of consequences
    • Complexity and connectivity
    • Time-related factors and volatility
    • Effectiveness of existing controls
    • Sensitivity and confidence levels
  • Divergence of opinions
    Difference between two or more things, attitudes, or opinions
  • Biases
    Prejudice in favor of or against one thing, person, or group
  • Perception of risk
    People's beliefs, attitudes, judgments, and feelings toward risk
  • Judgement
    Ability to make considered decisions or come to sensible (practical) conclusions
  • Threat and vulnerability assessment and risk analysis
    • Values of threat, consequence, and vulnerability
    • Inevitable to initially conduct threat and vulnerability assessment
  • Threat assessment
    Consideration for the full spectrum of threats (natural, criminal, terrorist, accidental) for a given facility/location
  • Vulnerability of loss
    Vulnerability of loss from an assessment must be performed to consider the potential impact location
  • Impact of loss: Vulnerability
    • Very high: High profile facility that provides a very attractive target for potential adversaries
    • High: High profile regional facility or a moderate profile national facility that provides an attractive target and/or the level of deterrence and/or defense
    • Moderate: Moderate profile facility (not well known outside the local area or region)
    • Low: Not a high profile facility and provides a possible target
  • Risk analysis
    Combination of the impact of loss rating and the vulnerability rating to evaluate the potential risk to the facility or to an event from a given threat