Maintaining a Security Risk Assessment and Risk Management Process

In recent years, there has been increasing talk of the rapid entry of artificial intelligence into risk management. All the benefits it would bring over the whole process are often commented on: real-time results, processing large amounts of data, more complete risk identification, more accurate risk assessment, etc. There are also negative moods that make various experts feel threatened by their need to be replaced by artificial intelligence. Another problematic issue that arises is related to the transparency of algorithms and the increase in cyber risks [6]. This material aims to identify the individual elements at the stages of risk management in which artificial intelligence (AI) can and should be applied alone, in combination with expert opinion or not. Here it is shown that because of the use of AI the efficiency of the whole process is significantly increased, first of all by conducting in-depth analyses, and the decisions are made by the risk management experts. This proves its usefulness and increases the confidence of experts in it.

Download Full-text

Demonstration of the Security Risk Assessment and Management Process

Security Risk Assessment and Management ◽

10.1002/9780470168110.ch13 ◽

2007 ◽

pp. 187-296

Keyword(s):

Risk Assessment ◽

Management Process ◽

Security Risk ◽

Security Risk Assessment ◽

Risk Assessment And Management

Download Full-text

Effect of Employees’ Understanding on Risk Management Process on Risk Management: A Case Study in a Non-profit Organisation

International Journal of Financial Research ◽

10.5430/ijfr.v10n3p144 ◽

2019 ◽

Vol 10 (3) ◽

pp. 144

Author(s):

Erlane K Ghani ◽

Nor Hamimah Nor Hassin ◽

Kamaruzzaman Muhammad

Keyword(s):

Risk Assessment ◽

Risk Management ◽

Risk Control ◽

Risk Identification ◽

Management Process ◽

Poor Knowledge ◽

Non Profit ◽

Monitoring Process ◽

Risk Management Process ◽

Risk Assessment And Analysis

Purpose: This study examines the effect of employees’ understanding of risk management process on knowledge on risk management in a non-profit organisation. Specifically, this study examines the effect of employees’ understanding of risk identification, risk assessment and analysis and, risk control and monitoring on their knowledge on risk management.Design/Methodology/Approach: This study used questionnaire survey on 80 employees of various levels in a non-profit organisation.Findings: This study shows that the most of the employees felt that they have a poor knowledge on risk management. The poor knowledge on risk management is attributed by the all three determinants in this study namely, understanding risk identification, risk assessment and analysis and, risk control and monitoring process on knowledge on risk management.Practical Implications: The findings provide indication that non-profit organisations need to provide awareness programs to their employees in increasing their knowledge on risk management. The findings of this study is essential to the managements to ensure that their employees are well informed and understand risk management and subsequently, take necessary control to reduce risks.Originality/Value: This study provides further understanding on the importance of understanding risk management process on performance.

Download Full-text

A TEST CASE PRIORITIZATION BASED ON DEGREE OF RISK EXPOSURE AND ITS EMPIRICAL STUDY

International Journal of Software Engineering and Knowledge Engineering ◽

10.1142/s0218194011005220 ◽

2011 ◽

Vol 21 (02) ◽

pp. 191-209 ◽

Cited By ~ 25

Author(s):

HOIJIN YOON ◽

BYOUNGJU CHOI

Keyword(s):

Risk Assessment ◽

Risk Management ◽

Empirical Study ◽

Risk Exposure ◽

Test Case ◽

Test Case Prioritization ◽

Management Process ◽

Testing Method ◽

Risk Management Process ◽

Prioritization Strategy

We propose a test case prioritization strategy for risk based testing, in which the risk exposure is employed as the key criterion of evaluation. Existing approaches to risk based testing typically employ risk exposure values as assessed by the tester. In contrast, we employ exposure values that have been determined by experts during the risk assessment stage of the risk management process. If a given method produces greater accuracy in fault detection, that approach is considered more valuable for software testing. We demonstrate the value of our proposed risk based testing method in this sense through its application.

Download Full-text