Chapter 47 – |
Risk Assessment and Risk Management |
Robert Jacobson, CPP
Chapter Contents:
|
47.1 |
|
An Introduction to Risk Management
|
|
47.1.1 |
|
What Is Risk?
|
|
47.1.2 |
|
What Is Risk Management?
|
|
47.2 |
|
Objective of a Risk Assessment
|
|
47.3 |
|
Limits of Questionnaires in Assessing Risks
|
|
47.4 |
|
A Model of Risk
|
|
47.4 |
|
The Two Inconsequential Risk Classes
|
|
47.4.2 |
|
The Two Significant Risk Classes
|
|
47.4.3 |
|
Spectrum of Real-World Risks
|
|
47.5 |
|
Risk Mitigation
|
|
47.5 |
|
Difficulties Applying ALE Estimates
|
|
47.5.2 |
|
What a Risk Manager Tries to Do
|
|
47.5.2.1 |
|
The Three Risk Management Regions
|
|
47.5.2.1 |
|
Where ROI-Based Risk Mitigation Is Effective
|
|
47.5.2.2 |
|
Four Reasons for Adopting a Mitigation Measure
|
|
47.5.3 |
|
How to Mitigate Infrequent Risks
|
|
47.5.3.1 |
|
Reduce the Magnitude of High Single-Occurrence Losses
|
|
47.5.3.2 |
|
Mitigation Selection Process
|
|
47.5.4 |
|
Summary of Risk Mitigation Strategies
|
|
47.5.4.1 |
|
Risk Assessment/Risk Mitigation Summary
|
|
47.6 |
|
Risk Assessment Techniques
|
|
47.6.1 |
|
Aggregating Threats and Loss Potentials
|
|
47.6.2 |
|
Basic Risk Assessment Algorithms
|
|
47.6 |
|
Loss Potential
|
|
47.6.3.1 |
|
Property Damage and Liability Losses
|
|
47.6.3.2 |
|
Service Interruption Losses
|
|
47.6.4 |
|
Risk Event Parameters
|
|
47.6.5 |
|
Vulnerability Factors, ALE, and SOL Estimates
|
|
47.6.6 |
|
Sensitivity Testing
|
|
47.6.7 |
|
Selecting Risk Mitigation Measures
|
|
47.7 |
|
Summary
|
|
47.8 |
|
References
|
|
|
|