scholarly journals Comprehensive Risk Identification Model for SCADA Systems

2019 ◽  
Vol 2019 ◽  
pp. 1-24
Author(s):  
Abdelghafar M. Elhady ◽  
Hazem M. El-bakry ◽  
Ahmed Abou Elfetouh
Keyword(s):  
Risk Management ◽  
Risk Identification ◽  
Risk Map ◽  
Risk Scenarios ◽  
Proposed Model ◽  
Risk Management Process ◽  
Benchmark Database ◽  
Scada Systems ◽  
Identification Model

The world is experiencing exponential growth in the use of SCADA systems in many industrial fields. The increased and considerable growth in information and communication technology has been forcing SCADA organizations to shift their SCADA systems from proprietary technology and protocol-based systems into internet-based ones. This paradigm shift has also increased the risks that target SCADA systems. To protect such systems, a risk management process is needed to identify all the risks. This study presents a detailed investigation on twenty-one scientific articles, guidelines, and databases related to SCADA risk identification parameters and provides a comparative study among them. The study next proposes a comprehensive risk identification model for SCADA systems. This model was built based on the risk identification parameters of ISO 31000 risk management principles and guidelines. The model states all risk identification parameters, identifies the relationships between those parameters, and uses a hierarchical-based method to draw complete risk scenarios. In addition, the proposed model defines the interdependency risk map among all risks stated in the model. This risk map can be used in understanding the evolution of the risks through time in SCADA systems. The proposed model is then transformed into a benchmark database containing 19,163 complete risk scenarios that can affect SCADA systems. Finally, a case study is presented to demonstrate one of the usages of the proposed model and its benchmark database. This case study provides 306 possible attack scenarios that Hacktivist can use to affect SCADA systems.

scholarly journals IMPLEMENTASI MANAJEMEN RISIKO UNDERWRITING PADA PT ASURANSI JASINDO SYARIAH

2020 ◽  
Vol 7 (5) ◽  
pp. 901
Author(s):  
Wahyu Rofikah ◽  
Dina Fitrisia Septiarini
Keyword(s):  
Risk Management ◽  
Secondary Data ◽  
Risk Identification ◽  
Primary Data ◽  
Management Process ◽  
Snowball Sampling ◽  
Descriptive Case Study ◽  
Risk Monitoring ◽  
Risk Management Process

This study purpose to how the risk management process in PT Asuransi Jasindo Syariah with a case study of vehicle insurance class of business. This research uses a qualitative approach with a descriptive case study strategic. The research data was obtained through primary data in the form of interviews and secondary data. The selection of informants in interviews through snowball sampling techniques and secondary data obtained from supporting data in the form of archives, reports and relevant document and literature reviews related to research. The results of this study indicate that PT Asuransi Jasindo Syariah has a significant role in the process of underwriting risk management, especially in vehicle insurance product, which have the highest loss ratio among other products. The underwriting risk management process carried out by PT Asuransi Jasindo Syariah is risk identification, risk measurement, risk monitoring, and risk control.Keywords: risk management, underwriting, syariah insurance

scholarly journals How to evaluate supply chain risks, including sustainable aspects? A case study from the German industry

2021 ◽  
Vol 14 (2) ◽  
pp. 120
Author(s):  
Rubén Medina-Serrano ◽  
Reyes González-Ramírez ◽  
Jose Gasco-Gasco ◽  
Juan Llopis-Taverner
Keyword(s):  
Risk Management ◽  
Supply Chain ◽  
Risk Identification ◽  
German Industry ◽  
Supply Chain Risk Management ◽  
Supply Chain Risk ◽  
Risk Management Process ◽  
Iso 31000 ◽  
Supply Chain Risks

Purpose: Outsourcing transactions have been arisen and evolved in the last years and purchase managers want to know if a Failure Mode Effects and Analysis (FMEA) is an effective qualitative technique to analyze supply chain risks (SCR) in a proper way. The aim of this study is to address this question developing a practicable risk management process based on the guidelines of the ISO 31000 for upstream Supply Chain Risk Management (SCRM) linking risk assessment, risk identification, risk analysis, risk evaluation, risk treatment and validate the process empirically through a case study.Design/methodology/approach: After a review of the literature on Sustainable Supply Chain Risk Management (SSCRM), a case study based on a leading manufacturer of electrical products, collects evidences of SSCRM implementation.Findings: Supply chain disruptions are one of the most critical issues which can negatively influence on firm’s performance. Avoiding and mitigating disruptions in the supply chain is one of the main challenges for supply chain managers.Originality/value: This paper identifies the ISO 31000, the ISO 9001 and the use of an FMEA to analyze supply chain risks in a structured manner and to outline future research opportunities in the field of SCRM.

scholarly journals MANAJEMEN RISIKO GADAI EMAS PADA PT.PEGADAIAN SYARIAH JAYAPURA

2020 ◽  
Vol 1 (2) ◽  
pp. 1-17
Author(s):  
Yunita Sari ◽  
Syaiful Muhyidin ◽  
Fachrudin Fiqri Affandy
Keyword(s):  
Risk Management ◽  
Public Interest ◽  
Risk Mitigation ◽  
Risk Identification ◽  
Qualitative Approach ◽  
Primary Data ◽  
Case Study Method ◽  
Risk Management Process ◽  
High Level

The background of this research is the high level of public interest in product of sharia gold pawn so that the risk management is the main focus to be carried out. The most common risk is the risk of loans, especially gold pawn loans. The risk of goal pawn loans becomes the main focus on the Islamic Pawnshop. This is based on the limitations of employees of PT. Pegadaian Syariah Jayapura, especially UPS Heram, in screening data for funding applications. These limitations lead to several stages of loans that are not intentionally or deliberately by passed to accelerate the loans process. This research used qualitative approach with the case study method. It used primary and supporting data. The information from primary data sources in qualitative research can generally be explored through observation and interview techniques. This research  shows that PT. Jayapura Syariah Pegadaian (UPS) Heram in managing gold pawning risk can be from the risk management process, namely risk identification, risk measurement, and risk management. The mitigation of gold pawn transactions include the risk mitigation of the accuracy of the gold assessment, the risk mitigation of a decline in the price of gold, the risk mitigation of  storing gold. The minimizing of the risks that might occur use monitoring, guidance and supervision of internal risks.

scholarly journals THE DEVELOPMENT OF AN ATTITUDE TOWARDS RISK MANAGEMENT IN THE CONTEXT OF COUNTRY COMPETITIVENESS

2013 ◽  
Vol 11 (2) ◽  
pp. 281-293 ◽  
Author(s):  
Viktorija Stasytytė
Keyword(s):  
Risk Management ◽  
Risk Identification ◽  
Country Risk ◽  
Enterprise Management ◽  
Management Process ◽  
Risk Map ◽  
Risk Management Process ◽  
Risk Uncertainty ◽  
Country Competitiveness ◽  
Identification Analysis

The paper analyses the prevailing definitions of risk, uncertainty and risk management as well as attitudes towards risk identification, analysis and response in the context of the enterprise and country as a whole. The article presents a scheme of attainment of risk-intelligent enterprise management and discloses its application possibilities to country risk management. The paper also shows the schematic views of particular techniques applied in each step of the risk management process. After analysing a report on global country risks, a generalized risk map of global risks is formed and detailed further trends of research are determined in order to develop a thorough picture of country risks in Lithuania.

scholarly journals PENGELOLAAN MANAJEMEN RESIKO GADAI NON-EMAS TIDAK TERTEBUS DI PEGADAIAN SYARIAH CABANG BLAURAN

2020 ◽  
Vol 6 (3) ◽  
pp. 446
Author(s):  
Dyah Palupi Dwi Cahyani ◽  
Muhammad Nafik Hadi Ryandono
Keyword(s):  
Qualitative Research ◽  
Risk Management ◽  
Research Method ◽  
Risk Control ◽  
Risk Identification ◽  
Research Data ◽  
Management Process ◽  
Regional Office ◽  
Risk Ranking ◽  
Risk Management Process

This study is aimed to know the mechanism of risk management in the management of unredeemed non-gold pawn in Blauran Sharia Pawnshop. Through the three phases of risk management that is risk identification, risk ranking, and risk control Blauran Sharia Pawnshop expected can be more minimize the risks, one of them is unredeemed non-gold pawn. The research method used was qualitative. Research data is obtained by doing interview techniques and documentation to the informant that was assistant deputy manager Pawnshop of Surabaya Regional Office, Head of Blauran Surabaya Sharia Pawnshop branch, and staff of Blauran Surabaya Sharia Pawnshop. The research showed that Blauran Sharia Pawnshop has run the risk management process in three ways: risk identification, risk ranking based on potency and the most influential risk, and risk control by conducting auction on non-goldpawning items that were not redeemed.Keyword: Risk Management, sharia mortgage, sharia pawnshop,unreedemed non-gold pawn

scholarly journals A Formalised Approach to the Management of Risk

2011 ◽  
Vol 2 (3) ◽  
pp. 63-80
Author(s):  
Mike Brownsword ◽  
Rossi Setchi
Keyword(s):  
Risk Management ◽  
Best Practice ◽  
Health And Safety ◽  
Active Management ◽  
Safety Issues ◽  
Economic Climate ◽  
Risk Management Process ◽  
Definition Of ◽  
Current Engineering

Observations made while working with industry and government organisations have shown a number of issues with the implementation of current risk management best practice. A major issue in many cases is the lack of pragmatism associated with the risk management process and the need for a more formalised approach to risk management. In this paper, the authors propose and validate a multi-view approach to defining the processes required to carry out risk management. The formalised approach proposed includes a definition of risk, an ontology, a set of processes, and a pragmatic methodology, which shows an application of these processes enabling pro-active management of change. The ability of the processes to be applied to different types of risk has been demonstrated through a case study highlighting health and safety issues. Within the current engineering and economic climate this logical approach provides a visualisation which is consistent, repeatable, view based, and pragmatic.

scholarly journals The place of artificial intelligence in the risk management process

2021 ◽  
Vol 120 ◽  
pp. 02013
Author(s):  
Petya Biolcheva
Keyword(s):  
Artificial Intelligence ◽  
Risk Assessment ◽  
Risk Management ◽  
Real Time ◽  
Risk Identification ◽  
Management Process ◽  
Whole Process ◽  
Risk Management Process ◽  
Problematic Issue ◽  
The Individual

In recent years, there has been increasing talk of the rapid entry of artificial intelligence into risk management. All the benefits it would bring over the whole process are often commented on: real-time results, processing large amounts of data, more complete risk identification, more accurate risk assessment, etc. There are also negative moods that make various experts feel threatened by their need to be replaced by artificial intelligence. Another problematic issue that arises is related to the transparency of algorithms and the increase in cyber risks [6]. This material aims to identify the individual elements at the stages of risk management in which artificial intelligence (AI) can and should be applied alone, in combination with expert opinion or not. Here it is shown that because of the use of AI the efficiency of the whole process is significantly increased, first of all by conducting in-depth analyses, and the decisions are made by the risk management experts. This proves its usefulness and increases the confidence of experts in it.

Risk Management in Distributed IT Projects

2008 ◽  
pp. 2865-2888
Author(s):  
Rafael Prikladnicki ◽  
Roberto Evaristo ◽  
Jorge Luis Nicolas Audy ◽  
Marcelo Hideki Yamaguti
Keyword(s):  
Risk Management ◽  
Management Process ◽  
Time Zone ◽  
It Projects ◽  
Cultural Boundaries ◽  
Integrated Risk ◽  
Risk Management Process ◽  
Development Center ◽  
Practical Implications

Distributed IT projects exhibit certain features that make them fundamentally different from traditional co-located projects, not only involving additional steps and decisions, but also impacting the risk management process. The goal of this paper is to discuss these impacts and to suggest the development of an integrated risk management process taking into account site dispersion, time zone difference, and cultural boundaries not only at the operational, but also at the tactical and strategic level. We also report results of an exploratory case study conducted in a software development center (a Brazilian subsidiary of a U.S. corporation) in support of such a model, and conclude with a discussion of theoretical and practical implications of our work.

Risk Management in Distributed IT Projects

2009 ◽  
pp. 1243-1257
Author(s):  
Rafael Prikladnicki ◽  
Roberto Evaristo ◽  
Jorge Luis Nicolas Audy ◽  
Marcelo Hideki Yamaguti
Keyword(s):  
Risk Management ◽  
Management Process ◽  
Time Zone ◽  
It Projects ◽  
Cultural Boundaries ◽  
Integrated Risk ◽  
Risk Management Process ◽  
Development Center ◽  
Practical Implications

Distributed IT projects exhibit certain features that make them fundamentally different from traditional co-located projects, not only involving additional steps and decisions, but also impacting the risk management process. The goal of this paper is to discuss these impacts and to suggest the development of an integrated risk management process taking into account site dispersion, time zone difference, and cultural boundaries not only at the operational, but also at the tactical and strategic level. We also report results of an exploratory case study conducted in a software development center (a Brazilian subsidiary of a U.S. corporation) in support of such a model, and conclude with a discussion of theoretical and practical implications of our work.

Enhancing RCIES Model

2016 ◽  
pp. 624-643
Author(s):  
Arwa Mukhtar Makki ◽  
Tarig Mohamed Ahmed
Keyword(s):  
Risk Factors ◽  
Risk Identification ◽  
Successful Implementation ◽  
Management Process ◽  
Erp Implementation ◽  
Erp System ◽  
Strategic Risk ◽  
Risk Management Process ◽  
The Impact

Risk identification and prioritization is very essential activity in any successful strategic risk management process. Developing a plan for dealing with such problems reduces the impact of unexpected risks and failures while prioritizing risks draws attention, efforts and resources to the risks with great impact on projects success. The aim of this paper, is to identify the critical risk factors in an ERP project through a case study of a successful implementation of an ERP system in a Sudanese organization and to understand how the organization implemented the appropriate controls to minimize its business risks impact. To achieve this objective, a number of key articles were reviewed and analyzed to understand the different critical risk factors influence ERP implementation. New risk factors and controls influence ERP implementation have been identified. A new model of ERP implementation critical risk factors was developed. Furthermore, the risk factors were classified into categories, probability, impact and proximity, then using a prioritizing tool, the results of this study contributes to risks identification and prioritization by pointing to the less priority and the most critical risk factors.

Sign in / Sign up

Export Citation Format

Share Document