1.2 Risk assessment approaches & processes Flashcards

1
Q

What are the different risk assessment approaches?

A
Quantitative approaches
Heuristic approaches
Systems approaches
Mixed approaches
+ lots of different techniques, tools & services / gurus
2
Q

What are the different types of quantitative approaches?

A

Risk exposure

Risk management

3
Q

Describe the different types of quantitative approaches

A

Risk exposure:
List all likely risk areas (data corruption, security breach, virus)
List likely risk items (power cut, deliberate / accidental disruption)
List likely outcome of risk (£, time, damage)
List exposure of risk (probability * likely cost)

Risk management:
Address the 'main' areas / concerns
Identify solutions
List / identify possible solutions
Analyse cost / benefits of solution
Identify common solution
Pick most appropriate solution
(A lot of pragmatism often comes into play in selecting solutions)
4
Q

What are heuristic approaches, and what is involved?

A

Rule of thumb
Mostly quantitative approaches - checklists (areas involve reviewing system or controls, developed using previous experiences, lessons learnt from similar projects)
Similar to Internal Control Questionnaire (used in computer auditing)

5
Q

What are the different elements of risk management?

A

Insurance & risk mitigation
Adequate controls approach
Disaster recovery
Robust & sensitivity analysis

6
Q

Describe the different elements of risk management

A

Insurance & risk mitigation:
What can you insure against?

Adequate controls approach:
Can’t identify all risks - but can have good controls to monitor & detect problems
Particularly in areas of material risk

Disaster recovery:
Fall back procedures - plan of action
Good recovery plans

Robust & sensitivity analysis:
How sensitive is RA to changes in probability or impact?

7
Q

How should you determine acceptable risk?

A

Risk aversion - maximising reduction of risk
Risk balancing - same level of risk = acceptable, based on similar cases
Cost effectiveness - minimises risk per £, $ etc.
Cost-benefit balancing - balances benefits & costs of activity
