Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
11 Cards in this Set
- Front
- Back
Risk assesment is?
|
The appraisal of the probability and significance of identified potential risk events
|
|
Risk is often quantified using this basic formula?
|
Risk = likelihood / probability times Impact / adverse consequence
|
|
Mrthodologies for assessing the probabilty and impact of risk are?
|
Risk probability/impact Matrix,
Qualitative risk matrix, Risk scoring accompanied with Risk analysis matrix, Scoring likelihood and impact, Scenario analysis and planning |
|
Quantifying Impact can by done by using a scale of impact definition which defines the following levels:
|
Catastrophic, loss above a certain amount,
Serious, with the assigned bracket, Minor, with the assigned bracket, and, Insignificant, loss below a certain amount. |
|
Vulnerability assessment process is designed to?
|
Identify, Quantify and prioritise areas in which a system, organisation or supply chain is particularly open to risk or attack.
|
|
Vulnerability assessment is often performed on systems such as?
|
IT Systems,
Energy and water supply systems, Transportation and logistics systems and, Communication systems |
|
Vulnerability assessments would typically include 4 stages:
|
Listing or cataloguing the resources(assests and capabilities) in a given system,
Assigning a quantifiable value, score or rank order of importance to those resources, Identifying the vulnerabilities or potential threats to each resource and, pleaaning to mitigate or eliminate the most serious vulnerabilities for the most valuable resources. |
|
Collating statistical evidence of risks:
|
A key technique for evaluating the probability of occurence is to extrpolate from hitorical statistical data to predict the likelihood of future occurences.
Statistical sampling wil often be used as the total population would be impractical. |
|
Sources of statistical data?
|
Published reports, statistical digests and online databases cataloguing and analyisng risk events,
published risk monitoring reports and assessments from various categories of business risk, Statistical surveys of stakeholder groups, The organisation's records and documents. |
|
Probability Theory
|
The use of probability theory as a quantitative tool aims to add a numerical scale of measurement to ideas such as "very unlikely" or "Quite Likely"
Events can be mutually exclusive or Independent. |
|
Probability Distributions
|
Binomila distribution,
Poisson distribution, Normal distribution |