SECURITY RISK MANAGEMENT AND AVOIDANCE. (1)

in writing •  6 years ago 


What is risk?
There are different definitions:
• An uncertain consequence of an event or an activity with regard to something that humans value
• The probability of an adverse future event multiplied by its magnitude
• The potential for damage or loss of an asset
• The likelihood that a specific vulnerability to the asset will be exploited by a particular threat

NB: Risk management is not the same as risk avoidance
• Risk avoidance = eliminating risks to maximum possible extent
• Risk management = dealing with risks while accepting they can never be fully eliminated


According to ROPER, risk management offers a rational and defensible method for making decisions in order to protect valued assets. It is the process of selecting and implementing security counter-measures to achieve an acceptable level of risk at an acceptable cost.
Countermeasures are an action taken or a physical entity used to reduce or eliminate one or more vulnerabilities

  • ASSET: Any person, facility, material, information, or activity that has a positive value to its owner.
  • THREAT: Any indication, circumstance, or event with the potential to cause loss or damage to an asset.
  • VULUNERABILITY: Any weakness that can be exploited by an adversary to gain access to an asset.

Roper’s approach: The Rational System Approach
What is a system approach? A system approach is composed of parts and all parts are related (directly or indirectly). It receives input from, and sends output into, the wider environment and consists of processes that transform inputs into outputs

What is a rational approach?
• Systematic
• Balancing out
• Reasoned decisions
• Justification
• Rationality = ordering preferences in a consistent manner

Roper’s 5-steps for the risk management process
NB: Risk management is not the same as risk assessment
• Risk assessment = The process of evaluating the threats/ vulnerabilities to an asset so as to give an expert opinion on the probability of loss/ damage and its impact as a guide to taking action
• Risk management = The process of selecting and implementing security countermeasures to achieve an acceptable level of risk at an acceptable cost
Difference between safety and security management:
• Safety management = fighting error
• Security management = fighting evil threats

Three worlds of safety and security

  • International security
  • Public safety
  • Industrial safety
    Adversaries includes;
    • Bad’ intentions
    • Purposive threats
    • Geo-politics
    • Civilizations and spheres of influence
    • Rational analysis of ‘weak spots’
    • Social change
    • Visions of the ‘good life’
    • Cultural differences
    • Morality and emotionality
    • Living and surviving
    • Unwanted conflicts
    • Politicization and medialization
    • Complicated processes and reactions
    • Individual skills and impossibilities
    • Economic calculus
    • Knowledge and ignorance
    • Routinization versus organizational change
    • Cultures of safety

Focal actor: “The enemy” “The citizen" “The organization man”

PHOTOCREDIT; https://www.google.com/search?q=images+of+risk+management&client=firefox-b-ab&tbm=isch&source=iu&ictx=1&fir=tHq0X-DaIbfASM%253A%252CssXdfADgwcKvmM%252C_&usg=__L__OPW1hVCQ8pQE-WhPCdB7lWG4%3D&sa=X&ved=0ahUKEwjvrMjw9pfcAhWFSsAKHSiBATMQ9QEIPTAL&biw=1366&bih=654#imgdii=vOi4QgUCmL-YFM:&imgrc=NvS8yoNBc317AM:
RESEARCH SOURCE: Roper's analysis on risk management

Thanks for reading.
UPVOTE!
RESTEEM!
COMMENT!

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Congratulations! This post has been upvoted from the communal account, @minnowsupport, by favour Sampson from the Minnow Support Project. It's a witness project run by aggroed, ausbitbank, teamsteem, theprophet0, someguy123, neoxian, followbtcnews, and netuoso. The goal is to help Steemit grow by supporting Minnows. Please find us at the Peace, Abundance, and Liberty Network (PALnet) Discord Channel. It's a completely public and open space to all members of the Steemit community who voluntarily choose to be there.

If you would like to delegate to the Minnow Support Project you can do so by clicking on the following links: 50SP, 100SP, 250SP, 500SP, 1000SP, 5000SP.
Be sure to leave at least 50SP undelegated on your account.

Congratulations @wakkyblogger! You received a personal award!

Happy Birthday! - You are on the Steem blockchain for 1 year!

Click here to view your Board

Support SteemitBoard's project! Vote for its witness and get one more award!

Congratulations @wakkyblogger! You received a personal award!

Happy Birthday! - You are on the Steem blockchain for 2 years!

You can view your badges on your Steem Board and compare to others on the Steem Ranking

Vote for @Steemitboard as a witness to get one more award and increased upvotes!