An experimentally verified method to predict & measure all forms of Cyber-Risk

2021 ◽  
Author(s):  
Riccardo Storti

A precise & unambiguous mathematical definition of Cyber-Risk is developed, yielding an experimentally validated solution demonstrating ‘How to Predict & Measure Cyber-Risk’ for any Internet Connected Information System (ICIS) to greater than 98.07% accuracy. Moreover, it is shown that the solution holds for all scales of ICIS, from an Application level to an Enterprise level. In addition, it is shown that Test Effort Estimation (TEE) quantifies Cyber-Confidence, which in turn quantifies Cyber-Risk. Hence, TEE is a Mission Critical Activity (MCA) when formulating Cyber-Risk Management Strategies & may be utilised prior to project commencement, in-flight or post facto as an assessment &/or auditing tool. The TEE Model Construct developed is a statistical based methodology whereby the evaluations/decisions made, result in the contraction or expansion of the ‘z-Score’ associated with an infinite population of database records. The primary advantage of this approach is that very little information is required client-side at the engagement stage in order to produce peer acceptable estimates of the required test effort, & to accurately predict & measure the associated Cyber-Risk. This approach empowers clients & service providers to precisely define whatever level of Cyber-Risk is to be contractually delivered, capable of being absorbed, or prepared to be absorbed by consensus. With the aid of a decision table, estimators are able to articulate & convey to the appropriate authorities, various levels of Cyber-Risk commensurate with the available resources. 
The TEE Model Construct developed presents an experimentally verified methodology, cognizant of commercial realities, yielding the following key advantages: (i) it requires minimal inputs, (ii) it has a scientific foundation, (iii) it facilitates operational decision-making, (iv) it quantifies Risk Based Testing (RBT), (v) it is simple, robust, flexible, consistent, reusable & transparent, (vi) it is capable of scaling a projected solution from a known solution, (vii) it embraces Continuous Improvement Processes (CIPs), (viii) it confines perceptual subjectivity predominantly to three variables & (ix) it commercially exists as an off-the-shelf product.


Author(s):  
D.I. Gray ◽  
J.I. Reid ◽  
D.J. Horne

A group of 24 Hawke's Bay hill country farmers are working with service providers to improve the resilience of their farming systems. An important step in the process was to undertake an inventory of their risk management strategies. Farmers were interviewed about their farming systems and risk management strategies and the data was analysed using descriptive statistics. There was considerable variation in the strategies adopted by the farmers to cope with a dryland environment. Importantly, these strategies had to cope with three types of drought and also upside risk (better than expected conditions), and so flexibility was critical. Infra-structure was important in managing a dryland environment. Farmers chose between increased scale (increasing farm size) and geographic dispersion (owning a second property in another location) through to intensification (investing in subdivision, drainage, capital fertiliser, new pasture species). The study identified that there may be scope for further investment in infra-structural elements such as drainage, deeper rooting alternative pasture species and water harvesting, along with improved management of subterranean clover to improve flexibility. Many of the farmers used forage crops and idling capacity (reduced stocking rate) to improve flexibility; others argued that maintaining pasture quality and managing upside risk was a better strategy in a dryland environment. Supplementary feed was an important strategy for some farmers, but its use was limited by contour and machinery constraints. A surprisingly large proportion of farmers run breeding cows, a policy that is much less flexible than trading stock. However, several farmers had improved their flexibility by running a high proportion of trading cattle and buffer mobs of ewe hoggets and trade lambs. To manage market risk, the majority of farmers are selling a large proportion of their lambs prime. 
Similarly, cattle are either sold prime or store onto the grass market when prices are at a premium. However, market risk associated with the purchase of supplements and grazing was poorly managed.


2018 ◽  
Vol 23 (3) ◽  
pp. 176-184 ◽  
Author(s):  
Kate Laver ◽  
Emmanuel Gnanamanickam ◽  
Craig Whitehead ◽  
Susan Kurrle ◽  
Megan Corlis ◽  
...  

Objectives: Health services worldwide are increasingly adopting consumer directed care approaches. Traditionally, consumer directed care models have been implemented in home care services and there is little guidance as to how to implement them in residential care. This study used a citizens’ jury to elicit views of members of the public regarding consumer directed care in residential care. Methods: A citizens’ jury involving 12 members of the public was held over two days in July 2016, exploring the question: For people with dementia living in residential care facilities, how do we enable increased personal decision making to ensure that care is based on their needs and preferences? Jury members were recruited through a market research company and selected to be broadly representative of the general public. Results: The jury believed that person-centred care should be the foundation of care for all older people. They recommended that each person’s funding be split between core services (to ensure basic health, nutrition and hygiene needs are met) and discretionary services. Systems needed to be put into place to enable the transition to consumer directed care including care coordinators to assist in eliciting resident preferences, supports for proxy decision makers, and accreditation processes and risk management strategies to ensure that residents with significant cognitive impairment are not taken advantage of by goods and service providers. Transparency should be increased (perhaps using technologies) so that both the resident and nominated family members can be sure that the person is receiving what they have paid for. Conclusions: The views of the jury (as representatives of the public) were that people in residential care should have more say regarding the way in which their care is provided and that a model of consumer directed care should be introduced.
Policy makers should consider implementation of consumer directed care models that are economically viable and are associated with high levels of satisfaction among users.


Risks ◽  
2021 ◽  
Vol 9 (1) ◽  
pp. 24
Author(s):  
Alessandro Mazzoccoli ◽  
Maurizio Naldi

Investments in security and cyber-insurance are two cyber-risk management strategies that can be employed together to optimize the overall security expense. In this paper, we provide a closed form for the optimal investment under a full set of insurance liability scenarios (full liability, limited liability, and limited liability with deductibles) when we consider a multi-branch firm with correlated vulnerability. The insurance component turns out to be the major expense. It ends up being the only recommended approach (i.e., setting zero investments in security) when the intrinsic vulnerability is either very low or very high. We also study the robustness of the investment choices when our knowledge of vulnerability and correlation is uncertain, concluding that the uncertainty induced on investment by either uncertain correlation or uncertain vulnerability is not significant.


2019 ◽  
Vol 11 (2) ◽  
pp. 489 ◽  
Author(s):  
Cristian Accastello ◽  
Simone Blanc ◽  
Filippo Brun

Mountainous areas are expected to face increasing societal pressure due to mass tourism and the rising intensity and frequency of natural hazards triggered by climate change. Therefore, the development of proper strategies for the management of environmental risks will be crucial to ensure their liveability. Against this backdrop, concepts such as territorial resilience and Social–Ecological Systems (SES) can support the prioritisation of protective efforts. This paper presents a conceptual framework to be applied to areas subject to natural hazards. Its aim is to support the integration of different measures, with a special focus on protection forests and other Nature-based Solutions, into current risk management strategies. The framework considers (i) the definition of SES boundaries; (ii) the identification of the main goals to be achieved; (iii) the quantification of the supply and demand of the ecosystem protection service; and (iv) the development of risk management strategies able to include the management of protection forests among the adopted solutions. This framework is intended to be adopted by local and regional decision-makers as a tool to identify the areas at risk, to recognise the potential role of protection forests, and to operationalise the concept of resilience through the deployment of “grey-green” strategies.


2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Maria Giuffrida ◽  
Hai Jiang ◽  
Riccardo Mangiaracina

Purpose: Due to its fast growth, cross-border e-commerce (CBEC) is becoming a popular internationalization model, especially in those destination markets with impressive e-commerce development like China. However, CBEC also brings new logistics challenges and uncertainty. This paper aims to understand how companies cope with logistics uncertainty in this field and whether the different types of uncertainty influence the risk management strategies adopted to face them. Design/methodology/approach: A survey targeting online exporters to China and third-party forwarding logistics service providers (3PFLs) is conducted. A structural equation model (SEM) analysis is performed to test the possible relationship between the adopted risk management strategies and the types of uncertainty. The type, industry and size of the company, as well as the distance between the company's home country and China, are used as control variables in the study. Survey results are enriched via interviews with some of the respondents. Findings: The risk management strategies adopted are dependent on the type of logistics uncertainty that the companies face and, to a minor extent, on the industry the company operates in. Conversely, no significant influence is exerted by other types of control factors, i.e. home country, company size or company type. Originality/value: The paper investigates logistics uncertainty and risk management approaches in the novel context of CBEC. A systematic review of relevant sources of uncertainty is offered to help both scholars and practitioners understand the current complexities of CBEC. From a theoretical perspective, the paper models the investigated concepts in light of the contingency approach. From a practical perspective, results can be of interest since the list of proposed items can support risk identification and evaluation while the interviews with managers can provide insights on risk management practices.


2018 ◽  
Vol 10 (2) ◽  
pp. 417 ◽  
Author(s):  
Simone Mineo ◽  
Giovanna Pappalardo ◽  
Michele Mangiameli ◽  
Santo Campolo ◽  
Giuseppe Mussumeci

A rockfall analysis at one of the most relevant cultural heritage sites of northeastern Sicily (Italy) is presented herein with the aim of assessing the hazard arising from the unstable conditions of the rock cliff of Taormina city, on top of which the Saracen Castle is perched. Several rockfalls have affected this area in recent years, representing a serious threat to the safety of inhabitants and tourists. Therefore, the qualitative Evolving Rockfall Hazard Assessment (ERHA) was applied for the hazard zonation, supported by rock mass surveys and Terrestrial Laser Scanner prospecting. Kinematic analysis revealed that the unstable rock failure patterns are represented by planar/wedge sliding and toppling, while simulation of potential rockfalls allowed studying the impact of future events in terms of trajectory and energy. This is higher at the foot of scarps and in steeper sectors, where the application of ERHA identified a critical zone close to the inhabited center, which is one of the main elements at risk, along with a pedestrian tourist path. Achieved results represent a starting point for the definition of risk management strategies and provide a scientific contribution to the study of hazard and risk arising from rockfall occurrence.


2002 ◽  
Vol 21 (2) ◽  
pp. 39-56 ◽  
Author(s):  
Jean C. Bedard ◽  
Lynford E. Graham

In auditing, risk management involves identifying client facts or issues that may affect engagement risk, and planning evidence-gathering strategies accordingly. The purpose of this paper is to examine whether auditors' identification of risk factors and planning of audit tests is affected by decision aid orientation, i.e., a “negative” focus wherein client risk and its consequences are emphasized, or a “positive” focus where such factors are not emphasized. Specifically, we expect that auditors will identify more risk factors using a negatively oriented risk identification decision aid, but only when engagement risk is relatively high. We address this issue in the context of auditors' knowledge of actual clients, manipulating decision aid orientation as negative or positive in a matched-pair design. Results show that auditors using the negative decision aid orientation identify more risk factors than do those using a positive orientation, for their higher-risk clients. We also find that decisions to apply substantive tests are more directly linked to specific risk factors identified than to direct risk assessments. Further, our results show that auditors with repeat engagement experience with the client identify more risk factors. The findings of this study imply that audit firms may improve their risk management strategies through simple changes in the design of decision aids used to support audit planning.


Author(s):  
Zoe Del Fante ◽  
Nicola Di Fazio ◽  
Adriano Papale ◽  
Paola Tomao ◽  
Fabio Del Duca ◽  
...  

Physical risk assessments allow us to understand work-related critical issues, thus representing a useful tool in risk management strategies. In particular, our study focuses on the identification of already known and emerging physical risks related to necropsy and morgue activities, as well as crime scene investigations. The aim of our study is, therefore, to identify objective elements in order to quantify exposure to such risk factors among healthcare professionals and working personnel. For the research of potentially at-risk activities, data from the Morgue of Policlinico Umberto I Hospital in Rome were used. The scientific literature has been reviewed in order to assess the risks associated with morgue activity. Measurements were performed on previously scheduled days, in collaboration with the activities of different research units. The identified areas of risk were: microclimate; exposure to noise and vibrations; postural and biomechanical aspects of necropsy activities. The obtained results make it possible to detect interindividual variability in exposure to many of the aforementioned risk factors. In particular, the assessment of microclimate did not show significant results. On the contrary, exposure to vibrations and biomechanical aspects of load handling have shown potential risk profiles. For this reason, both profiles have been identified as possible action targets for risk management strategies.

