Risk analysis (engineering)

This article is about engineering. For other uses, see Risk analysis.
NASA's illustration showing high impact risk areas for the International Space Station

Risk analysis is the science of risks and their probability and evaluation.

Probabilistic risk assessment is one analysis strategy usually employed in science and engineering.

Risk analysis and the risk workshop

Risk analysis should be performed as part of the risk management process for each project. The data of which would be based on risk discussion workshops to identify potential issues and risks ahead of time before these were to pose cost and/ or schedule negative impacts (see the article on Cost contingency for a discussion of the estimation of cost impacts).

The risk workshops should be attended by a large group ideally between 6 to 10 individuals from the various departmental functions (e.g. project manager, construction manager, site superintendent, and representatives from operations, procurement, [project] controls, etc.) so as to cover every risk element from different perspectives.

The outcome of the risk analysis would be the creation or review of the risk register to identify and quantify risk elements to the project and their potential impact.

Given that risk management is a continuous and iterative process, the risk workshop members would regroup on at regular intervals and project milestones to review the risk register mitigation plans, make changes to it as appropriate and following those changes re-run the risk model. By constantly monitoring risks these can be successfully mitigated resulting in a cost and schedule savings with a positive impact on the project.

Risk analysis and Information security

Main article: IT risk

The risk evaluation of the Information technology environment has been the subject of some methodologies; Information security is a science that based itself on the evaluation and management of security risk, regarding the information used by organization to pursue their business objectives. Standardization bodies like ISO, NIST, The Open Group, Information Security Forum had published different standards in this field. International organizations such ENISA, ISACA had published many papers about it.

See also

External links

This article is issued from Wikipedia - version of the Friday, March 18, 2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.