Jump to content
Main menu
Main menu
move to sidebar
hide
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Special pages
Niidae Wiki
Search
Search
Appearance
Create account
Log in
Personal tools
Create account
Log in
Pages for logged out editors
learn more
Contributions
Talk
Editing
Risk management
(section)
Page
Discussion
English
Read
Edit
View history
Tools
Tools
move to sidebar
hide
Actions
Read
Edit
View history
General
What links here
Related changes
Page information
Appearance
move to sidebar
hide
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
===Identification=== After establishing the context, the next step in the process of managing risk is to identify potential risks. Risks are about events that, when triggered, cause problems or benefits. Hence, risk identification can start with the source of problems and those of competitors (benefit), or with the problem's consequences. * Source analysis<ref>{{Cite web|url=http://www.madrid.org/cs/StaticFiles/Emprendedores/Analisis_Riesgos/pages/pdf/metodologia/3IdentificaciondelosRiesgos_en.pdf|title=Risk Identification|publisher=Comunidad de Madrid|page=3}}</ref> β Risk sources may be internal or external to the system that is the target of risk management (use mitigation instead of management since by its own definition risk deals with factors of decision-making that cannot be managed). Some examples of risk sources are: stakeholders of a project, employees of a company or the weather over an airport. * Problem analysis{{Citation needed|date=March 2009}} β Risks are related to identified threats. For example: the threat of losing money, the threat of abuse of confidential information or the threat of human errors, accidents and casualties. The threats may exist with various entities, most important with shareholders, customers and legislative bodies such as the government. When either source or problem is known, the events that a source may trigger or the events that can lead to a problem can be investigated. For example: stakeholders withdrawing during a project may endanger funding of the project; confidential information may be stolen by employees even within a closed network; lightning striking an aircraft during takeoff may make all people on board immediate casualties. The chosen method of identifying risks may depend on culture, industry practice and compliance. The identification methods are formed by templates or the development of templates for identifying source, problem or event. Common risk identification methods are: * Objectives-based risk identification {{Citation needed|date=March 2009}} β Organizations and project teams have objectives. Any event that may prevent an objective from being achieved is identified as risk. * Scenario-based risk identification β In [[scenario analysis]] different scenarios are created. The scenarios may be the alternative ways to achieve an objective, or an analysis of the interaction of forces in, for example, a market or battle. Any event that triggers an undesired scenario alternative is identified as risk β see [[Futures Studies]] for methodology used by [[Futurists]]. * Taxonomy-based risk identification β The taxonomy in taxonomy-based risk identification is a breakdown of possible risk sources. Based on the taxonomy and knowledge of best practices, a questionnaire is compiled. The answers to the questions reveal risks.<ref>[http://www.sei.cmu.edu/library/abstracts/reports/93tr006.cfm CMU/SEI-93-TR-6 Taxonomy-based risk identification in software industry]. Sei.cmu.edu. Retrieved on 2012-04-17.</ref> * Common-risk checking<ref>{{Cite web|url=https://www.fsa.go.jp/p_fsa/news/newse/ne_023/03.pdf|title=Risk Management Systems Checklist (Common Items)|website=www.fsa.go.jpn}}</ref> β In several industries, lists with known risks are available. Each risk in the list can be checked for application to a particular situation.<ref>[http://cve.mitre.org Common Vulnerability and Exposures list]. Cve.mitre.org. Retrieved on 2012-04-17.</ref> * Risk charting<ref>{{cite book|last=Crockford|first=Neil|title=An Introduction to Risk Management|location=Cambridge, UK|publisher=Woodhead-Faulkner|edition=2|year=1986|page=18|isbn=0-85941-332-2}}</ref> β This method combines the above approaches by listing resources at risk, threats to those resources, modifying factors which may increase or decrease the risk and consequences it is wished to avoid. Creating a [[Risk matrix|matrix]] under these headings enables a variety of approaches. One can begin with resources and consider the threats they are exposed to and the consequences of each. Alternatively one can start with the threats and examine which resources they would affect, or one can begin with the consequences and determine which combination of threats and resources would be involved to bring them about.
Summary:
Please note that all contributions to Niidae Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Encyclopedia:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Search
Search
Editing
Risk management
(section)
Add topic
