Buyers Meeting Point procurement by Kelly Barner

RSS Feed Buyers Meeting Point procurement by Kelly Barner LinkedIn Buyers Meeting Point procurement Kelly Barner twitter Buyers Meeting Point procurement Kelly Barner scribd Buyers Meeting Point procurement Kelly Barnerblogtalkradio Buyers Meeting Point procurement Kelly Barner podcast BMP Radioyoutube Buyers Meeting Point procurement Kelly Barnersoundcloud Buyers Meeting Point procurement Kelly Barner

This week's Wiki-Wednesday topic is: RISK MANAGEMENT.  The following is an excerpt from the Wikipedia page on this topic. Click here to be connected to the full page. 

Risk management is the identification, assessment, and prioritization of risks (defined in ISO 31000 as the effect of uncertainty on objectives, whether positive or negative) followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events[1] or to maximize the realization of opportunities. Risks can come from uncertainty in financial markets, project failures, legal liabilities, credit risk, accidents, natural causes and disasters as well as deliberate attacks from an adversary. Several risk management standards have been developed including the Project Management Institute, the National Institute of Science and Technology, actuarial societies, and ISO standards.[2][3] Methods, definitions and goals vary widely according to whether the risk management method is in the context of project management, security, engineering, industrial processes, financial portfolios, actuarial assessments, or public health and safety.

The strategies to manage risk include transferring the risk to another party, avoiding the risk, reducing the negative effect of the risk, and accepting some or all of the consequences of a particular risk.

Certain aspects of many of the risk management standards have come under criticism for having no measurable improvement on risk even though the confidence in estimates and decisions increase.[1]

For the most part, these methods consist of the following elements, performed, more or less, in the following order.

  1. identify, characterize, and assess threats
  2. assess the vulnerability of critical assets to specific threats
  3. determine the risk (i.e. the expected consequences of specific types of attacks on specific assets)
  4. identify ways to reduce those risks
  5. prioritize risk reduction measures based on a strategy