A Risk Assessment Framework to Reduce Risk Level and Optimize Software Quality

Risk management for software projects is intended to minimize the chances of unexpected events, or more specifically to keep all possible outcomes under tight management control with making judgments about how risk events are to be treated, valued, compared and combined. It is necessary to have some well-founded infrastructure for the identification of software security risks as well as the application of appropriate controls to manage risks. To be truly beneficial, the risk analysis framework must be granular and practical enough to produce a customizable roadmap of which problems exist, and to rank them in order of severity. The paper a risk assessment framework for a precise, unambiguous and efficient risk analysis with qualitative risk analysis methodologies and tree based techniques by exploiting the synthesis of risk analysis methods with object-oriented modeling, semi-formal methods and tools, in order to improve the security risk analysis of software and security policy implementation of security-cri tical systems to reduce risk levels and optimizequality instructions.

Download Full-text

The prospects of occupational risk management during reforms of regulatory legislation basis

Russian Journal of Occupational Health and Industrial Ecology ◽

10.31089/1026-9428-2018-10-39-44 ◽

2019 ◽

pp. 39-44 ◽

Cited By ~ 2

Author(s):

Vadim B. Alekseev ◽

Nina V. Zaitseva ◽

Pavel Z. Shur

Keyword(s):

Risk Assessment ◽

Risk Management ◽

Social Insurance ◽

Well Being ◽

Occupational Risk ◽

Risk Level ◽

Federal Law ◽

Work Safety ◽

Risk Levels ◽

Legal Principles

Despite wide legislation basis of regulating relations in work safety and workers’ health, one third of workplaces demonstrate exceeded allowable normal levels of workers’ exposure to occupational hazards and present occupational risk for health disorders.In accordance to national legislation acts, evaluation should cover factors of occupational environment and working process, and occupational risk is understood in context of mandatory social insurance. This approach has been formed due to mostly compensatory trend in legal principles of work safety in Russia by now. Implementation of new preventive concept of work safety, based on idea of risk management for workers, necessitates development of legal acts that regulate requirements to evaluation of occupational risk and its reports with consideration of changes in Federal Law on 30 March 1999 №52 FZ “On sanitary epidemiologic well-being of population”.Those acts can include Sanitary Rules and Regulations “Evaluation of occupational risk for workers’ health”, that will contain main principles of risk assessment, requirements to risk assessment, including its characteristics which can serve as a basis of categorizing the risk levels with acceptability.To standardize requirements for informing a worker on the occupational risk, the expediency is specification of sanitary rules “Notifying a worker on occupational risk”. These rules should contain requirements: to a source of data on occupational risk level at workplace, to informational content and to ways of notifying the worker. Specification and implementation of the stated documents enable to fulfil legal requirements completely on work safety — that will provide preservation and increase of efficiency in using work resources.

Download Full-text

Cyber-security risk assessment framework for critical infrastructures

Intelligent Automation & Soft Computing ◽

10.31209/2018.100000049 ◽

2018 ◽

pp. -1--1 ◽

Cited By ~ 2

Author(s):

Zubair Baig ◽

Sherali Zeadally

Keyword(s):

Risk Assessment ◽

Cyber Security ◽

Critical Infrastructures ◽

Assessment Framework ◽

Security Risk ◽

Security Risk Assessment

Download Full-text

Applying the risk principle to optimize accuracy and equity in correctional risk assessment: Results From a Simulation

International Journal of Offender Therapy and Comparative Criminology ◽

10.1177/0306624x20986523 ◽

2021 ◽

pp. 0306624X2098652

Author(s):

Grant Duwe

Keyword(s):

Risk Assessment ◽

Predictive Accuracy ◽

Ethnic Disparities ◽

Simulated Data ◽

Risk Assessments ◽

Risk Level ◽

Risk Levels ◽

Risk Principle ◽

Changes In Risk ◽

The Impact

As the use of risk assessments for correctional populations has grown, so has concern that these instruments exacerbate existing racial and ethnic disparities. While much of the attention arising from this concern has focused on how algorithms are designed, relatively little consideration has been given to how risk assessments are used. To this end, the present study tests whether application of the risk principle would help preserve predictive accuracy while, at the same time, mitigate disparities. Using a sample of 9,529 inmates released from Minnesota prisons who had been assessed multiple times during their confinement on a fully-automated risk assessment, this study relies on both actual and simulated data to examine the impact of program assignment decisions on changes in risk level from intake to release. The findings showed that while the risk principle was used in practice to some extent, the simulated results showed that greater adherence to the risk principle would increase reductions in risk levels and minimize the disparities observed at intake. The simulated data further revealed the most favorable outcomes would be achieved by not only applying the risk principle, but also by expanding program capacity for the higher-risk inmates in order to adequately reduce their risk.

Download Full-text

Public Safety Risk Assessment of Power Investment Project Based on Fuzzy Set and DS Evidence Theory

E3S Web of Conferences ◽

10.1051/e3sconf/202014302009 ◽

2020 ◽

Vol 143 ◽

pp. 02009

Author(s):

Tai-hua Yang ◽

Jing Qin ◽

Zhi-xiang Li

Keyword(s):

Risk Assessment ◽

Fuzzy Set ◽

Public Safety ◽

Evidence Theory ◽

Investment Project ◽

Public Security ◽

Risk Level ◽

Security Risk ◽

Safety Risk ◽

Assessment Index

In recent years, the international situation has become more and more complex, and the regional conflicts have been escalating, and the risks of overseas public security have been increasing. Based on the four types of public security events, a public safety risk assessment index system of "one belt and one road" electric power investment project is established. Combining the Bayesian network model, and using fuzzy set and DS evidence theory, the public security risk level of the “Belt and Road” countries can be this method has been effectively verified and put forward countermeasures by an example.

Download Full-text

A WebGIS-Based System for Urban Stormwater Risk Analysis Using a Cloud Matter-Element Model

International Journal of Intelligent Information Technologies ◽

10.4018/ijiit.2020070104 ◽

2020 ◽

Vol 16 (3) ◽

pp. 80-99

Author(s):

Junfei Chen ◽

Cong Yu

Keyword(s):

Risk Assessment ◽

Risk Analysis ◽

Temporal Distribution ◽

Element Model ◽

Economic Loss ◽

Risk Level ◽

Urban Stormwater ◽

Intelligence System ◽

Prototype Development ◽

Matter Element Model

The interaction of human activity, climate change, and urbanization gives rise to more frequent urban stormwater disasters, which causes great economic loss in cities. This article presents a prototype of an interactive WebGIS system for urban stormwater risk analysis. The system has a Browse/Server(B/S) structure and uses WebGIS techniques for prototype development. It is based on the theory of disaster system and Cloud matter-element model for risk assessment. The risk results are immediately generated and visualized interactively by rendering risk maps. Finally, two urban stormwater events in Nanjing in 2015 and 2016 were selected to verify the accuracy of the risk assessment. The results show that the intelligence system can effectively assess the risk level and identify the spatial-temporal distribution of urban stormwater risk in Nanjing, China.

Download Full-text

A Situation-Aware Scheme for Efficient Device Authentication in Smart Grid-Enabled Home Area Networks

Electronics ◽

10.3390/electronics9060989 ◽

2020 ◽

Vol 9 (6) ◽

pp. 989 ◽

Cited By ~ 1

Author(s):

Anhao Xiang ◽

Jun Zheng

Keyword(s):

Smart Grid ◽

Smart Grids ◽

Communication Complexity ◽

Situational Awareness ◽

Security Analysis ◽

Risk Level ◽

Security Risk ◽

Risk Levels ◽

Home Area ◽

Home Area Networks

Home area networks (HANs) are the most vulnerable part of smart grids since they are not directly controlled by utilities. Device authentication is one of most important mechanisms to protect the security of smart grid-enabled HANs (SG-HANs). In this paper, we propose a situation-aware scheme for efficient device authentication in SG-HANs. The proposed scheme utilizes the security risk information assessed by the smart home system with a situational awareness feature. A suitable authentication protocol with adequate security protection and computational and communication complexity is then selected based on the assessed security risk level. A protocol design of the proposed scheme considering two security risk levels is presented in the paper. The security of the design is verified by using both formal verification and informal security analysis. Our performance analysis demonstrates that the proposed scheme is efficient in terms of computational and communication costs.

Download Full-text

A neural network approach for retailer risk assessment in the aftermarket industry

Benchmarking An International Journal ◽

10.1108/bij-06-2018-0162 ◽

2019 ◽

Vol 26 (5) ◽

pp. 1631-1647 ◽

Cited By ~ 6

Author(s):

Shirin Rezaei ◽

Sajjad Shokouhyar ◽

Mostafa Zandieh

Keyword(s):

Neural Network ◽

Risk Assessment ◽

Supply Chain ◽

Mitigation Strategies ◽

Risk Level ◽

Self Organizing Map ◽

Neural Network Approach ◽

Content Type ◽

Risk Levels ◽

Risk Management Process

Purpose Given the competitive environment and complicated relationships in supply chains in the modern era, it is important to take into account internal and external risks. In addition, proper methods must be designed to evaluate these risks correctly. The purpose of this paper is to provide a suitable map based on the artificial neural network technique to assess and classify the risk levels of retailers who have interconnected rules in the downstream of the supply chain. Design/methodology/approach In this research, a model for risk assessment with a hexagonal grid and 2D self-organizing map was applied. Findings According to the results, the model used in the study can provide a basis for classification of retailers based on the specified risk levels defined by the experts and risk managers of the company. Also with the model’s visual output, managers can have a better understanding of the distribution of the risk level of retailers. Practical implications The proposed methodology can be adopted by managers to assess the risk of members involved in the supply chain, helping them to formulate the risk mitigation strategies based on the risk levels. Originality/value As a part of the risk management process, organizations can use this developed method to reduce the existing risks imposed by the members or customers on the company.

Download Full-text

Information Security Risk Assessment Framework for Cloud Computing Environment Using Medical Research Design and Method

Advanced Science Letters ◽

10.1166/asl.2018.11804 ◽

2018 ◽

Vol 24 (1) ◽

pp. 739-743 ◽

Cited By ~ 2

Author(s):

Ganthan Narayana Samy ◽

Bharanidharan Shanmugam ◽

Nurazean Maarop ◽

Pritheega Magalingam ◽

Sundresan Perumal ◽

...

Keyword(s):

Risk Assessment ◽

Cloud Computing ◽

Information Security ◽

Medical Research ◽

Assessment Framework ◽

Security Risk ◽

Computing Environment ◽

Cloud Computing Environment ◽

Information Security Risk ◽

Security Risk Assessment

Download Full-text

Security risk assessment framework for cloud computing environments

Security and Communication Networks ◽

10.1002/sec.923 ◽

2014 ◽

Vol 7 (11) ◽

pp. 2114-2124 ◽

Cited By ~ 29

Author(s):

Sameer Hasan Albakri ◽

Bharanidharan Shanmugam ◽

Ganthan Narayana Samy ◽

Norbik Bashah Idris ◽

Azuan Ahmed

Keyword(s):

Risk Assessment ◽

Cloud Computing ◽

Assessment Framework ◽

Security Risk ◽

Computing Environments ◽

Security Risk Assessment

Download Full-text

Matching Services to Criminogenic Needs Following Comprehensive Risk Assessment Implementation in Juvenile Probation

Criminal Justice and Behavior ◽

10.1177/0093854818780923 ◽

2018 ◽

Vol 45 (8) ◽

pp. 1136-1153 ◽

Cited By ~ 6

Author(s):

Rebecca J. Nelson ◽

Gina M. Vincent

Keyword(s):

Risk Assessment ◽

Probation Officers ◽

Risk Level ◽

Assessment Instruments ◽

Violence Risk ◽

Juvenile Courts ◽

Juvenile Probation ◽

Related Case ◽

Risk Levels ◽

Case Planning

One emphasis of juvenile justice reform has been implementation of risk assessment instruments to improve case planning. This study examined the ability of juvenile probation departments to apply the risk-needs-responsivity (RNR) framework into case planning following a comprehensive implementation protocol. Data were collected on 385 adolescent offenders across three probation departments following implementation of the Structured Assessment of Violence Risk for Youth (SAVRY) and an RNR-related case planning policy. As expected, as risk levels of youth increased, probation departments assigned more services and addressed more criminogenic need areas in their case plans. Most case plans (86%) adhered to the policy to limit the number of needs addressed at one time. The quality of service-to-need matching varied by criminogenic need area, risk level, and site. Implications to juvenile courts’ and probation officers’ case planning and the challenges of research on service-to-need matching are discussed.

Download Full-text