Research Paper: Risk Management Risk and Vulnerability

Pages: 4 (1408 words)  ·  Bibliography Sources: 4  ·  Level: Doctorate  ·  Topic: Business - Management  ·  Buy This Paper

SAMPLE EXCERPT:

[. . .] For example, for the risk analysis team set up for U.S.-VISIT, this information would be helpful in effectively allocating the required measures in place to avert any leakage of classified information. Finally, it is important for an organization to analyze its internal structures and operations with the aim to identify the measures laid out to prevent attackers and preparedness of the personnel and systems to possible attacks (Aven, 2008).

Best risk management practices

Risk management, if carried out properly can help reduce the occurrence of undesirable events. This can be achieved through four distinct steps; prevention measures, preparedness, response and recovery (PPRR). The first two steps involve the steps the organization takes before a crisis happens to endeavor to prevent it from occurring in the first place. The response phase takes into account the actions taken by the organization during any crisis in order to ensure organization's process return to normalcy and finally the recovery process involves the steps taken by the organization to ensure operations return to the previous or even better state (Johansson, 2007). Figure 2 illustrates this process in detail.

Fig.2 Risk management using PPRR

RISK Management

PREVENTION

Actions to prevent a risk event

PREPAREDNESS

Measures set to prepare for a risk event

RESPONSE

Steps taken to deal with occurrence of a risk event

RECOVER

Actions to ensure return to normalcy

BEFORE A RISK EVENT OCCURRENCE

DURING A RISK EVENT

AFTER A RISK EVENT

Various risks have different levels of impact on an organization and therefore it is proper to analyze the various risk elements identified into categories. Afterwards, the risks need to be prioritized depending on the probability of each risk actually happening and its expected consequences on the organization and the eventual effect it will have on the organizations' operations. The risk managers are then supposed to evaluate these impacts with regard to cost, time and labor requirements (Zisa, 2011). Figure 3 puts this into perspective.

Fig. 3 Risk probability table

High Impact

Low Probability

ImpactB

High Impact

High Probability

A

Low Impact

Low Probability

D

Low Impact

High Probability

C

Probability of risk

Based on the probability table, the threats identified by the NOKAS team of experts can be graded. The table below shows how the threats identified was graded by the team of experts.

Risk event identified by U.S.-VISIT analysis

Grade

Unintentional threats (posed by insider)

Intentional threats (posed by insider)

Intentional and unintentional threats from authorized outsider

Intentional threats from unauthorized outsider

C

A

A

B

Ways to mitigate identified risks

The department of U.S.-VISIT has identified some mechanisms and measures that are focused on mitigating the risks identified. These measures include establishment of boundary controls and use of authorization and authentication procedures such as username and passwords. Encryption of data has also help to safeguard against interception of communication. It is also very important to train personnel on the correct use of information to prevent privacy glitches. Outsiders may be required to be vetted to ascertain their authorization and required to sign a memorandum of understanding stating that they will conform to various regulations put in place. Better policies should also be legislated to make sure that identified loopholes in the operations of the information system are ironed out (DHS, 2004).

References

Aven, T. (2008) Risk Analysis: Assessing Uncertainties Beyond Expected Values and Probabilities. Hoboken, NJ: John Wiley & Sons.

Department of Homeland Security (2004) Privacy Impact Assessment: In Conjunction with the Interim Final Rule of August 31, 2004. Visitor and Immigration States Indicator Technology, September 14, 2004. Retrieved from http://epic.org/privacy/us-visit/us-visit_pia2.pdf

Homeland Security (2012) U.S.-Visit. Retrieved from http://www.dhs.gov/files/programs/usv.shtm

Johansson, J. (2007) Risk and Vulnerability Analysis of Large-scale Technical Infrastructure: Electrical Distribution Systems. Department of Industrial, Electrical Engineering and Automation, Lund University. Vol.1(2)

Lewis, T.G. (2006) Critical Infrastructure Protection in Homeland Security: Defending a Networked Nation. Hoboken, NJ: John Wiley & Sons.

Zisa, L. (2011) Assessing the Risk Management Process in the Banking Industry: Risk Assessment Report -- A Case Study on HSBC. Santa Cruz, CA: GRIN Verlag. [END OF PREVIEW]

Four Different Ordering Options:

?
Which Option Should I Choose?

1.  Buy the full, 4-page paper:  $26.88

or

2.  Buy & remove for 30 days:  $38.47

or

3.  Access all 175,000+ papers:  $41.97/mo

(Already a member?  Click to download the paper!)

or

4.  Let us write a NEW paper for you!

Ask Us to Write a New Paper
Most popular!

Risk Management Explain the Difference Essay


Risk Assessment Report Assessment


Enhancing Systems Security in an Organization Term Paper


Risk Management Tools Term Paper


Top Cyber Security Risks Term Paper


View 679 other related papers  >>

Cite This Research Paper:

APA Format

Risk Management Risk and Vulnerability.  (2012, June 2).  Retrieved March 26, 2019, from https://www.essaytown.com/subjects/paper/risk-management-vulnerability/2310980

MLA Format

"Risk Management Risk and Vulnerability."  2 June 2012.  Web.  26 March 2019. <https://www.essaytown.com/subjects/paper/risk-management-vulnerability/2310980>.

Chicago Format

"Risk Management Risk and Vulnerability."  Essaytown.com.  June 2, 2012.  Accessed March 26, 2019.
https://www.essaytown.com/subjects/paper/risk-management-vulnerability/2310980.