Risk Assessment STANDARD Flashcards
Risk Assessment is:
The identification, analysis and evaluation of uncertainties to objectives and outcomes. It provides a comparison between the desired/undesired outcomes and expected rewards/losses of organizational objectives.
Risk assessment can be accomplished in varying degrees of detail. Risk may be assessed using:
Qualitative Analysis,
Quantitative Analysis and
Combined approaches
A qualitative analysis uses descriptive terms and phrases such as:
Minor
Moderate
Major
Critical
Qualitative Analysis can be used when:
Numerical data is inadequate, uncertain, or unavailable to properly describe the risk
Plan-Do-Check-Act
Plan - Define and analyze an issue and the context
Do - Devise a solution, develop a detailed action plan and implement it systematically
Check - Confirm outcomes against plan, identify deviations and issues
Act - Standardize solution, review and define next issues
The PDCA Model is a clear, systematic, and documented approach to:
Set measurable policies, objectives and targets
Methodically implement the program
Monitor, measure and evaluate progress
Identify, prevent and remedy problems as they occur
Assess competence requirements and train persons working on the organization's behalf
Provide top management with a feedback loop to assess progress and make appropriate changes to the risk assessment program
Manage information within the organization, thereby improving operational efficiency.
corrective action definition
Action to rectify the causes of a detected nonconformity or other undesirable circumstances.
NOTE 1: There can be more than one cause for a nonconformity.
NOTE 2: Corrective action is taken to prevent recurrence, whereas preventive action is taken to prevent occurrence.
criticality
Of essential importance with respect to objectives and/or outcomes.
criticality analysis
A process designed to systematically identify, evaluate, and rank positive and negative impacts on an organization’s stakeholders, assets, services, and activities based on the importance of its mission or function, or the significance of risks on the organization’s ability to meet its objectives and expectations.
NOTE: Determines which qualities or degrees of risk are of the highest importance for successful execution of an organization’s objectives or which might represent a decisive turning point in strategy execution.
critical control point (CCP)
A point, step, or process at which controls can be applied to modify risk.
NOTE 1: A threat or hazard can be prevented, eliminated, or reduced to targeted levels.
NOTE 2: A point at which opportunity can be leveraged.
disruptive event
An event that interrupts planned activities, operations, or functions, whether anticipated or unanticipated.
The Pareto Analysis
assumes for risk events that roughly 80% of the effects come from 20% of the outcomes. Simple technique for prioritizing the problems that will be resolved by making these changes. Can be limited by its exclusion of problems that are small but may grow with time.
Scenario Analysis
A process of analyzing possible and plausible future events by considering alternative scenarios and outcomes.