Search results for: cybersecurity risk management plan

Authors: Pırıl Tekin, Rızvan Erol

Abstract:

Risk management has become very important and popular in developing countries in recent years. Especially making patient and employee health and safety issues compulsory in the hospitals, raised the number of studies in Turkey. Also risk management become more important for hospital senior management from clinics to the laboratories. Because quality is really important to be chosen for both patients to consult and employees to prefer to work. And also risk management studies can lead to hospital management team about future works and methods. By this point of view, this study is the risk assessment carried out in the biggest dental hospital in the south part of Turkey. This study was conducted as a research case study, covering two different health care place; A Clinic and A Laboratory. It shows that the problems in this dental hospital and how it can solve all.

Keywords: risk management, healthcare, dental hospital, quality management

Procedia PDF Downloads 343

Authors: Rashid Masoud Ali Al-Mazrui, Ramadhani Mashaka Shabani

Abstract:

Islamic banks and financial institutions are exposed to the same risks as conventional banking. These risks include the rate return risk, credit or market risk, liquidity risk, and operational risk among others. However, being a financial institution that operates Islamic banking and finance operations, there is additional risk associated with its operations different from conventional finance, such as displacing commercial risk. They face Shari'ah compliance risks because of their failure to follow Shari'ah principles. To have proper mitigation and risk management, banks should have proper risk management policies to mitigate risks. This paper aims to study the risk management taken by Islamic banks in comparison with conventional banks. Also, the study evaluates the provisions for risk management taken by selected Islamic banks and conventional banks. The study employs qualitative analysis using secondary data by applying a content analysis approach with a sample size of 4 Islamic banks and four conventional banks ranging from 2010 to 2020. We find that these banks all use the same technique, except for the associated risk. The extra ways are used, but only for additional risks that are available to Islamic banking and finance.

Keywords: emerging risk, risk management, Islamic banking, conventional bank

Procedia PDF Downloads 43

Authors: Logan Carmichael

Abstract:

As the world’s governments seek to increasingly digitize their service provisions, there exists a subsequent and fully valid concern about the security underpinning these digital governance provisions. Estonia, a small and innovative Baltic nation, has been refining both its digital governance structure and cybersecurity mechanisms for over three decades and has been praised as global ‘best practice’ in both fields. However, the security of the Estonian digital governance system has been ever-evolving and significantly shaped by cybersecurity crises. This paper examines said crises – 2007 cyberattacks on Estonian government, banks, and news media; the 2017 e-ID crisis; the ongoing COVID-19 pandemic; and the 2022 Russian invasion of Ukraine – and how governance decision-making following these crises has shaped the cybersecurity of the digital governance structure in Estonia. This paper employs a blended constructivist and historical institutionalist theoretical approach as a useful means to view governance and decision-making in the wake of cybersecurity incidents affecting the Estonian digital governance structure. Together, these theoretical groundings frame the topics of cybersecurity and digital governance in an Estonian context through a lens of ideation and experience, as well as institutional path dependencies over time and cybersecurity crises as critical junctures to study. Furthermore, this paper takes a qualitative approach, employing discourse analysis, policy analysis, and elite interviewing of Estonian officials involved in digital governance and cybersecurity in order to glean nuanced perspectives into the processes that followed these four crises. Ultimately, the results of this paper will offer insight into how governments undertake policy-driven change following cybersecurity crises to ensure sufficient security of their digitized service provisions. This paper’s findings are informative not only in continued decision-making in the Estonian system but also in other states currently implementing a digital governance structure, for which security mechanisms are of the utmost importance.

Keywords: cybersecurity, digital governance, Estonia, crisis management, governance in crisis

Procedia PDF Downloads 85

Authors: Laxman Budhathoki, Lal Bahadur Shrestha, K. C. Laxman

Abstract:

Hundreds of people are being lost their life by flood disaster in Nepal every year. Community-based disaster management committee has formed to formulate the disaster management plan including the component of EWS like EWS tower, rain gauge station, flood gauge station, culverts, boats, ropes, life jackets, a communication mechanism, emergency shelter, Spur, dykes, dam, evacuation route, emergency dry food management etc. Now EWS become a successful tool to decrease the human casualty from 13 to 0 every year in Rapti River of Chitwan District.

Keywords: disaster risk reduction, early warning system, flood, participatory approach

Procedia PDF Downloads 324

Authors: Hotlan Siagian, Han Tae Hee

Abstract:

This study aims to examine the effect of supplier trust and top management involvement on the supply chain risk management through buyer-supplier relationship. The population of the research is 44 Korean companies domiciled in East and Central Java of Indonesia. The respondent consists of a top management level from each company. Data collection used a questionnaire designed with five-item Likert scale. Collected data were analyzed using structural equation modeling (SEM) technique with SmartPLS software version 3.0 to examine the hypotheses. The result revealed that supplier trust has an effect on supply chain risk management, top management involvement affects supply chain risk management, supplier trust influences buyer-supplier relationship, top management involvement affects the buyer-supplier relationship, and buyer-supplier relationship affects supply chain risk management. The last finding is that buyer-supplier relationship empirically mediates the effect of supplier trust and top management involvement.

Keywords: buyer supplier relationship, supplier trust, supply chain risk management, top management involvement

Procedia PDF Downloads 178

Authors: G. Ramya

Abstract:

Value engineering is a systematic approach, widely used to optimize the design or process or product in the designing stage. It used to achieve the client's obligation by increasing the functionality and attain the targeted cost in the cost planning. Value engineering effectiveness and benefits decrease along with the progress of the project since the change in the scope of the work and design will account for more cost all along the lifecycle of the project. Integrating the value engineering with other project management activities will promote cost minimization, client satisfaction, and ensure early completion of the project in time. Previous research studies suggested that value engineering can integrate with other project delivery activities, but research studies unable to frame a model that collaborates the project management activities with the job plan of value engineering approach. I analyzed various project management activities and their synergy between each other. The project management activities and processes like a)risk analysis b)lifecycle cost analysis c)lean construction d)facility management e)Building information modelling f)Contract administration, collaborated, and project delivery model planned along with the RIBA plan of work. The key outcome of the research is a value-driven project delivery model, which will succeed in dealing with the economic impact, constraints and conflicts arise due to the COVID-19 outbreak in the Indian construction sector. Benefits associated with the structured framework is construction project delivery that ensures early contractor involvement, mutual risk sharing, and reviving the project with a cost overrun and delay back on track ,are discussed. Keywords: Value-driven project delivery model, Integration, RIBA plan of work Themes: Design Economics

Keywords: value-driven project delivery model, Integration, RIBA

Procedia PDF Downloads 95

Authors: Najeebah Almahmeed

Abstract:

Risk Management is an evolving subject among organizations that include corporations, governments, non-governmental organizations, and not-for-profit corporations. In order to enhance awareness around the importance of Risk Management and make sure everyone is using it in their day-to-day job, the Risk Culture topic has emerged and gained importance not only in the Finance Sector but also in the National Oil Companies in Kuwait. Risk Culture can be defined as the shared beliefs, attitudes, and behaviors within a company that guide its approach to managing risks. It acts as a connecting force that links policies, procedures, and individuals, influencing how risks are understood and tackled through activities. In this research, benefits of Risk Culture are shared, guidelines are presented to promote a risk aware culture, and fully embed and enforce Risk-based processes and procedures. Moreover, this research demonstrates methodologies of measuring the Risk Culture using specific dimensions and clusters.

Keywords: clusters, dimensions, national oil companies, risk culture, risk management

Procedia PDF Downloads 40

Authors: Tinu Rose Francis, S. Wilkinson, Y. Chang-Richards, S. Mannakkara

Abstract:

The objective of this paper is to assess the implementation of Build Back Better (BBB) propositions for disaster risk reduction in the natural environment with regard to greater Christchurch, New Zealand, after the 2010–2011 earthquakes in the region. A set of indicators was established to analyse the extent of recovery attained in Christchurch. Disaster recovery in the region is an ongoing process, which gives us the opportunity to rate the progress made so far. Disasters cause significant damage to the built, social and economic environments and also have severe consequences for the natural environment. Findings show that greater Christchurch has made important progress and implemented a comprehensive natural environment recovery plan. The plan addresses the restoration of biodiversity, natural resources, disaster waste management and amenity values in greater Christchurch. This paper also surveys the risk reduction actions being implemented with regard to the natural environment. The findings of this study will help governing bodies to identify and fill the gaps in their natural environment recovery plans.

Keywords: build back better (BBB), natural environment, planning, recovery, reconstruction, resilience, risk reduction

Procedia PDF Downloads 350

Authors: Braimah Joseph Odunayo, Jiju Gillariose

Abstract:

This paper is aimed at developing a sampling plan that uses information from precedent and successive lots for lot disposition with a pretention that the life-time of a particular product assumes a Log-logistic distribution. A Two-pronged Truncated Deferred Sampling Plan (TTDSP) for Log-logistic distribution is proposed when the testing is truncated at a precise time. The best possible sample sizes are obtained under a given Maximum Allowable Percent Defective (MAPD), Test Suspension Ratios (TSR), and acceptance numbers (c). A formula for calculating the operating characteristics of the proposed plan is also developed. The operating characteristics and mean-ratio values were used to measure the performance of the plan. The findings of the study show that: Log-logistic distribution has a decreasing failure rate; furthermore, as mean-life ratio increase, the failure rate reduces; the sample size increase as the acceptance number, test suspension ratios and maximum allowable percent defective increases. The study concludes that the minimum sample sizes were smaller, which makes the plan a more economical plan to adopt when cost and time of production are costly and the experiment being destructive.

Keywords: consumers risk, mean life, minimum sample size, operating characteristics, producers risk

Procedia PDF Downloads 105

Authors: Haydar Teymourlouei

Abstract:

Cybersecurity is one of the greatest challenges society faces in an age revolving around technological development. With cyber-attacks on the continuous rise, the nation needs to understand and learn ways that can prevent such attacks. A major contribution that can change the education system is to implement laboratories and competitions into academia. This method can improve and educate students with more hands-on exercises in a highly motivating setting. Considering the fact that students are the next generation of the nation’s workforce, it is important for students to understand concepts not only through books, but also through actual hands-on experiences in order for them to be prepared for the workforce. An effective cybersecurity education system is critical for creating a strong cyber secure workforce today and for the future. This paper emphasizes the need for awareness and the need for competitions and cybersecurity laboratories to be implemented into the education system.

Keywords: awareness, competition, cybersecurity, laboratories, workforce

Procedia PDF Downloads 308

Authors: Masoud Ghahvechi Pour

Abstract:

Risk management is a systematic and regular process of identifying, analyzing and responding to risks throughout the project's life cycle in order to achieve the optimal level of elimination, reduction or control of risk. The purpose of project risk management is to increase the probability and effect of positive events and reduce the probability and effect of unpleasant events on the project. Risk management is one of the most fundamental parts of project management, so that unmanaged or untransmitted risks can be one of the primary factors of failure in a project. Effective risk management does not apply to risk regression, which is apparently the cheapest option of the activity. However, the main problem with this option is the economic sensitivity, because what is potentially profitable is by definition risky, and what does not pose a risk is economically interesting and does not bring tangible benefits. Therefore, in relation to the implemented project, effective risk management is finding a "middle ground" in its management, which includes, on the one hand, protection against risk from a negative direction by means of accurate identification and classification of risk, which leads to analysis And it becomes a comprehensive analysis. On the other hand, management using all mathematical and analytical tools should be based on checking the maximum benefits of these decisions. Detailed analysis, taking into account all aspects of the company, including stakeholder analysis, will allow us to add what will become tangible benefits for our project in the future to effective risk management. Identifying the risk of the project is based on the theory that which type of risk may affect the project, and also refers to specific parameters and estimating the probability of their occurrence in the project. These conditions can be divided into three groups: certainty, uncertainty, and risk, which in turn support three types of investment: risk preference, risk neutrality, specific risk deviation, and its measurement. The result of risk identification and project analysis is a list of events that indicate the cause and probability of an event, and a final assessment of its impact on the environment.

Keywords: risk, management, knowledge, risk management

Procedia PDF Downloads 29

Authors: Han Gul Lee

Abstract:

When water treatments utilities are designed, an initial construction site risk assessment is conducted. This helps us to understand general safety risks that each utility needs to be complemented in the designing stage. Once it’s built, an additional risk reassessment process secures and supplements its disaster management and response plan. Because of its constantly changing surroundings with city renovation and developments, the degree of various risks that each facility has to face changes. Therefore, to improve the preparedness for spill incidents or disasters, emergency managers should run spill simulations with the available scientific technologies. This research used a two-dimensional flow routing model to simulate its spill disaster scenario based on its digital elevation model (DEM) collected with drone technologies. The results of the simulations can help emergency managers to supplement their response plan with concrete situational awareness in advance. Planning based on this simulation model minimizes its potential loss and damage when an incident like earthquakes man-made disaster happens, which could eventually be a threat in a public health context. This pilot research provides an additional paradigm to increase the preparedness to spill disasters. Acknowledgment: This work was supported by Korea Environmental Industry & Technology Institute (KEITI) through Environmental R&D Project on the Disaster Prevention of Environmental Facilities Program funded by Korea Ministry of Environment (MOE) (No.202002860001).

Keywords: risk assessment, disaster management, water treatment utilities, situational awareness, drone technologies

Procedia PDF Downloads 116

Authors: Eniye Tebekaemi, Martin Zhao

Abstract:

The dichotomy between the skills set of newly minted college graduates and the skills required by cybersecurity employers is on the rise. Colleges are struggling to cope with the rapid pace of technology evolution using outdated tools and practices. Industries are getting frustrated due to the need to retrain fresh college graduates on skills they should have acquired. There is a dire need for academic institutions to develop new tools and systems to deliver cybersecurity education to meet the ever-evolving technology demands of the industry. The Cyber-Softbook project’s goal is to bridge the tech industry and tech education gap by providing educators a framework to collaboratively design, manage, and deliver cybersecurity academic courses that meet the needs of the tech industry. The Cyber-Softbook framework, when developed, will provide a platform for academic institutions and tech industries to collaborate on tech education and for students to learn about cybersecurity with all the resources they need to understand concepts and gain valuable skills available on a single platform.

Keywords: cybersecurity, education, skills, labs, curriculum

Procedia PDF Downloads 57

Authors: Tio Novita Efriani

Abstract:

Public sector organizations work in a complex and risky environment. Since the beginning of 2000s, the public sector has paid attention to the need for an effective risk management. The Indonesian public sector has also concerned about this issue and in 2008 it enacted the Government Regulation that gives mandate for the implementation of risk management in government organizations. This paper investigates risk management implementation in the Indonesian public sector organizations and the role of transformational leadership and internal audit activities. Data was collected via survey. A total of 202 effective responses (30% response rate) from employees in 34 government ministries were statistically analyzed by using Partial least square structural equation modelling (PLS-SEM) and the software was SmartPLS 3.0. All the constructs were lower order, except for the risk management implementation construct, which was treated as a second-order construct. A two-stage approach was employed in the analysis of the higher order component. The findings revealed that transformational leadership positively influence risk management implementation. The findings also found that the core and legitimate roles of internal audit in risk management positively affect the implementation of risk management. The final finding showed that internal auditing mediates a relationship between transformational leadership and risk management implementation. These results suggest that the implementation of risk management in the Indonesian public sector was significantly supported by internal auditors and leadership. The findings confirm the importance of transformational leadership and internal audit in the public sector risk management strategies.

Keywords: Indonesian public sector, internal audit, risk management, transformational leadership

Procedia PDF Downloads 170

Authors: Ali Abdullah Albezaghi

Abstract:

This article aims to introduce a conceptual framework that can facilitate investigations concerning the role of risk management practices in the relationship between construction risks and the construction project's performance. This article is structured based on the extant literature; it reviews theoretical perspectives, highlights the gaps, and illustrates the significance of developing a framework of suggested relationships. Despite growing interest in the role of risks in construction project performance, previous studies have paid little attention to investigating the moderating role of risk management practices on the risk-performance link. This has left researchers and construction project managers with minimal information to explain the conditions under which risk management practices can reduce the impact of project-related risks and improve performance. In this context, this article suggests a viable research model with propositions that assess risk-performance relationships and discusses the potential moderating effects on the domain relationship. This paper adds to the risk management literature by focusing on risk variables that directly impact performance. Further, it also considers the moderating role of risk management practices in such relationships.

Keywords: risk management practices, external risks, internal risks, project risks, project performance

Procedia PDF Downloads 97

Authors: Aparna Viswanath

Abstract:

Electricity spot prices are highly volatile under optimal generation capacity scenarios due to factors such as non-storability of electricity, peak demand at certain periods, generator outages, fuel uncertainty for renewable energy generators, huge investments and time needed for generation capacity expansion etc. As a result market participants are exposed to price and volume risk, which has led to the development of risk management practices. This paper provides an overview of risk management practices by market participants in electricity markets using financial derivatives.

Keywords: financial derivatives, forward, futures, options, risk management

Procedia PDF Downloads 449

Authors: Sayor Ajfar Aaron, Md. Mushfiqur Rahman, Sajjat Hossain Abir, Ashif Newaz

Abstract:

This paper examines the transformative potential of quantum computing in the field of cybersecurity, with a focus on advanced penetration testing and forensics. It explores how quantum technologies can be leveraged to identify and exploit vulnerabilities more efficiently than traditional methods and how they can enhance the forensic analysis of cyber-attacks. Through theoretical analysis and practical simulations, this study highlights the enhanced capabilities of quantum algorithms in detecting and responding to sophisticated cyber threats, providing a pathway for developing more resilient cybersecurity infrastructures.

Keywords: cybersecurity, cyber forensics, penetration testing, quantum computing

Procedia PDF Downloads 7

Authors: R. A. Temah, L. A. Nkengla-Asi

Abstract:

Planning for future disasters sets the stage for a variety of activities that may trigger multiple recurring operations and expose the community to opportunities to minimize risks. Local communities are increasingly embracing the necessity for planning based on local risks, but are also significantly challenged to effectively plan and response to disasters. This research examines basic risk-based disaster planning model and compares it with advanced risk-based planning that introduces the identification and alignment of varieties of local capabilities within and out of the local community that can be pivotal to facilitate the management of local risks and cascading effects prior to a disaster. A critical review shows that the identification and alignment of capabilities can potentially enhance risk-based disaster planning. A tailored holistic approach to risk based disaster planning is pivotal to enhance collective action and a reduction in disaster collective cost.

Keywords: capabilities, disaster planning, hazards, local community, risk-based

Procedia PDF Downloads 176

Authors: Christo Februanto Putra

Abstract:

This paper presents risk identification that affects investment feasibility on toll road infrastructure in Indonesia using qualitative methods survey based on the expert practitioner in investor, contractor, and state officials. The problems on infrastructure investment in Indonesia, especially on KPBU model contract, is many risk factors in the investment plan is not calculated in detail thoroughly. Risk factor is a value used to provide an overview of the risk level assessment of an event which is a function of the probability of the occurrence and the consequences of the risks that arise. As results of the survey which is to show which risk factors impacts directly to the investment feasibility and rank them by their impacts on the investment.

Keywords: risk identification, indonesia toll road, investment feasibility

Procedia PDF Downloads 245

Authors: Gerhard Grebe, Johan Marx

Abstract:

The aim of the study is to assess the state of operational risk management and the adoption of an appropriate risk culture in Ghanaian banks. The Bank of Ghana (BoG) joined the Basel Consultative Group (BCG) of the Basel Committee on Bank Supervision (BCBS) in 2021 and is proceeding with the implementation of the Basel III international regulatory framework for banks. The BoG’s Directive about risk management encourages, inter alia, the creation of an appropriate risk culture by Ghanaian banks. However, it is not evident how the risk management staff of Ghanaian banks experience the risk culture and the implementation of operational risk management in the banks where they are employed. Ghana is a developing economy, and it is addressing challenges with its organisational culture. According to Transparency International, successive Ghanaian governments claim to be fighting corruption, but little success has been achieved so far. This points to a possible lack of accountability, transparency, and integrity in the environment in which Ghanaian banks operate and which could influence their risk culture negatively. Purposive sampling was used for the survey, and the questionnaire was completed byGhanaian bank personnel who specializesin operational risk management, risk governance, and compliance, bank supervision, risk analyses, as well as the implementation of the operational risk management requirements of the Basel regulatory frameworks. The respondents indicated that they are fostering a risk culture and implementing monitoring and reporting procedures; the three lines of defence (3LOD); compliance; internal auditing; disclosure of operational risk information; and receiving guidance from the bank supervisor in an attempt to improve their operational risk management practices. However, the respondents reported the following challenges with staff members who are not inside the risk management departments(in order of priority), namelydemonstrating a risk culture, training and development; communication; reporting and disclosure; roles and responsibilities; performance appraisal; and technological and environmental barriers. Recommendations to address these challenges are provided

Keywords: ghana, operational risk, risk culture, risk management

Procedia PDF Downloads 84

Authors: Spanova Yerkezhan, Amantay Ayan, Alimzhanova Laura

Abstract:

This article discusses the concept of rebranding and its relationship to cybersecurity. Rebranding is the process of changing the appearance and image of a company or organization in order to appeal to new customers or change the perception of a company. It can be a powerful tool for businesses looking to renew their reputation or expand into new markets. In today's digital age, companies increasingly rely on technology and the internet to conduct business; rebranding can also present significant cybersecurity risks. This is because a rebranding effort can create new vulnerabilities for companies, particularly in terms of their online presence. This article explores the potential hazards associated with rebranding and provides recommendations for mitigating those risks. It also highlights the importance of considering cybersecurity in the rebranding process and how it can be integrated into the overall strategy for a successful and secure rebranding.

Keywords: rebranding, cybersecurity, cyberattack, logo, vulnerability

Procedia PDF Downloads 128

Authors: Ida Ngurah

Abstract:

Indonesia is one of the most prone disaster countries, which has earthquake, tsunami or high wave, flood and landslide as well as volcano eruption and drought. Disaster risk reduction has been developing extensively and comprehensively, particularly after tsunami hit in 2004. Yet, saving people live including children and youth from disaster risk is still far from succeed. Poor management of environment, poor development of policy and high level of corruption has become challenges for Indonesia to save its people from disaster impact. Indonesia is struggling to ensure its future best investment, children and youth to have better protection when disaster strike in school hours and have basic knowledge on disaster risk reduction. The program of safe school is being initiated and developed by Plan Indonesia since 2010, yet this effort still needs to be elaborated. This paper is reviewing sporadic safe school programs that have been implemented or currently being implemented Plan Indonesia in few areas of Indonesia, including both rural and urban setting. Methods used are in-depth interview with dedicated person for the program from Plan Indonesia and its implementing patners and analysis of project documents. The review includes program’s goal and objectives, implementation activity, result and achievement as well as its monitoring and evaluation scheme. Moreover, paper will be showing challenges, lesson learned and best practices of the program. Eventually, paper will come up with recommendation for strategy for better implementation of safe school program in Indonesia.

Keywords: disaster impact, safe school, programs, children, youth

Procedia PDF Downloads 336

Authors: Gregory Michael McMahon

Abstract:

Risk management for the purposes of minimizing the damages from the operations of dams has met with opposition emerging from organisations and authorities, and their practitioners. It appears that the cause may be a misunderstanding of risk management arising from exchanges that mix deterministic thinking with risk-centric thinking and that do not separate uncertainty from reliability and accuracy from probability. This paper sets out those misunderstandings that arose from dam operations at Wivenhoe in 2011, using a comparison of outcomes that have been based on the methodology and its rules and those that have been operated by applying misunderstandings of the rules. The paper addresses the performance of one risk-centric Flood Manual for Wivenhoe Dam in achieving a risk management outcome. A mixture of engineering, administrative, and legal factors appear to have combined to reduce the outcomes from the risk approach. These are described. The findings are that a risk-centric Manual may need to assist administrations in the conduct of scenario training regimes, in responding to healthy audit reporting, and in the development of decision-support systems. The principal assistance needed from the Manual, however, is to assist engineering and the law to a good understanding of how risks are managed – do not assume that risk management is understood. The wider findings are that the critical profession for decision-making downstream of the meteorologist is not dam engineering or hydrology, or hydraulics; it is risk management. Risk management will provide the minimum flood damage outcome where actual rainfalls match or exceed forecasts of rainfalls, that therefore risk management will provide the best approach for the likely history of flooding in the life of a dam, and provisions made for worst cases may be state of the art in risk management. The principal conclusion is the need for training in both risk management as a discipline and also in the application of risk management rules to particular dam operational scenarios.

Keywords: risk management, flood control, dam operations, deterministic thinking

Procedia PDF Downloads 52

Authors: Azar Baghtaghi

Abstract:

Financial risk management is critically important as it enables companies to maintain stability and profitability amidst market fluctuations and unexpected events. It involves the precise identification of risks that could impact investments, assets, and potential revenues. By implementing effective risk management strategies, companies can insure themselves against adverse market changes and prevent potential losses. In today's era, where markets are highly complex and influenced by various factors such as macroeconomic policies, exchange rate fluctuations, and natural disasters, the need for meticulous planning to cope with these uncertainties is more pronounced. Ultimately, financial risk management means being prepared for the future and the ability to sustain business in changing environments. A company capable of managing its risks not only achieves sustainable profitability but also gains the confidence of shareholders, investors, and business partners, enhancing its competitive position in the market. In this article, the types of financial risk and risk management strategies for improving financial performance were investigated. By identifying the risks stated in this article and their evaluation techniques, it is possible to improve the organization's financial performance.

Keywords: strategy, risk, risk management, financial performance

Procedia PDF Downloads 18

Authors: Umesh Kumar Singh, Chanchala Joshi

Abstract:

With increasing dependency on IT infrastructure, the main objective of a system administrator is to maintain a stable and secure network, with ensuring that the network is robust enough against malicious network users like attackers and intruders. Security risk management provides a way to manage the growing threats to infrastructures or system. This paper proposes a framework for risk level estimation which uses vulnerability database National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) and the Common Vulnerability Scoring System (CVSS). The proposed framework measures the frequency of vulnerability exploitation; converges this measured frequency with standard CVSS score and estimates the security risk level which helps in automated and reasonable security management. In this paper equation for the Temporal score calculation with respect to availability of remediation plan is derived and further, frequency of exploitation is calculated with determined temporal score. The frequency of exploitation along with CVSS score is used to calculate the security risk level of the system. The proposed framework uses the CVSS vectors for risk level estimation and measures the security level of specific network environment, which assists system administrator for assessment of security risks and making decision related to mitigation of security risks.

Keywords: CVSS score, risk level, security measurement, vulnerability category

Procedia PDF Downloads 295

Authors: Samuel Owoade, Zainab Idowu, Idris Ajibade, Abel Uzoka

Abstract:

Cloud computing adoption continues to soar, with 83% of enterprise workloads estimated to be in the cloud by 2022. However, this rapid migration raises security concerns, needing strong security management solutions to safeguard sensitive data and essential applications. This paper investigates the critical role of technical project managers in orchestrating security management initiatives for cloud environments, evaluating their responsibilities, challenges, and best practices for assuring the resilience and integrity of cloud infrastructures. Drawing from a comprehensive review of industry reports and interviews with cloud security experts, this research highlights the multifaceted landscape of security management in cloud environments. Despite the rapid adoption of cloud services, only 25% of organizations have matured their cloud security practices, indicating a pressing need for effective management strategies. This paper proposes a strategy framework adapted to the demands of technical project managers, outlining the important components of effective cloud security management. Notably, 76% of firms identify misconfiguration as a major source of cloud security incidents, underlining the significance of proactive risk assessment and constant monitoring. Furthermore, the study emphasizes the importance of technical project managers in facilitating cross-functional collaboration, bridging the gap between cybersecurity professionals, cloud architects, compliance officers, and IT operations teams. With 68% of firms seeing difficulties integrating security policies into their cloud systems, effective communication and collaboration are critical to success. Case studies from industry leaders illustrate the practical use of security management projects in cloud settings. These examples demonstrate the importance of technical project managers in using their expertise to address obstacles and generate meaningful outcomes, with 92% of firms reporting improved security practices after implementing proactive security management tactics. In conclusion, this research underscores the critical role of technical project managers in safeguarding cloud environments against evolving threats. By embracing their role as guardians of the cloud realm, project managers can mitigate risks, optimize resource utilization, and uphold the trust and integrity of cloud infrastructures in an era of digital transformation.

Keywords: cloud security, security management, technical project management, cybersecurity, cloud infrastructure, risk management, compliance

Procedia PDF Downloads 18

Authors: Olakunle Felix Adekunle

Abstract:

Risk management is recognised as an essential tool to tackle the inevitable uncertainty associated with business and projects at all levels. But it frequently fails to meet expectations, with projects continuing to run late, over budget or under performing, and business is not gaining the expected benefits. The evident disconnect which often occurs between strategic vision and tactical project delivery typically arises from poorly defined project objectives and inadequate attention to the proactive management of risks that could affect those objectives. One of the main failings in the traditional approach to risk management arises from a narrow focus on the downside, restricted to the technical or operational field, addressing tactical threats to processes, performance or people. This shortcoming can be overcome by widening the scope of risk management to encompass both strategic risks and upside opportunities, creating an integrated approach which can bridge the gap between strategy and tactics. Integrated risk management addresses risk across a variety of levels in the organisation, including strategy and tactics, and covering both opportunity and threat. Effective implementation of integrated risk management can produce a number of benefits to the organisation which are not available from the typical limited-scope risk process. This paper explores how to expand risk management to deliver strategic advantage while retaining its use as a tactical tool.

Keywords: risk management, success, organization, strategy, project, tactis, vision

Procedia PDF Downloads 363

Authors: Herawanti Kumalasari, Raldi Hendro Koestoer, Hayati Sari Hasibuan

Abstract:

Geographically, Indonesia is located in the arc of volcanoes that cause disaster prone one of them is landslide disaster. One of the causes of the landslide is the conversion of land from forest to agricultural land in upland areas and river border that has a steep slope. The study area is located in the highlands with fertile soil conditions, so most of the land is used as agricultural land and plantations. Land use transfer also occurs around the geothermal field in Pangalengan District, West Java Province which will threaten the sustainability of geothermal energy utilization and the safety of the community. The purpose of this research is to arrange the concept of spatial pattern arrangement in the geothermal area based on disaster mitigation. This research method using superimpose analysis. Superimpose analysis to know the basic physical condition of the planned area through the overlay of disaster risk map with the map of the plan of spatial plan pattern of Bandung Regency Spatial Plan. The results of the analysis will then be analyzed spatially. The results have shown that most of the study areas were at moderate risk level. Planning of spatial pattern of existing study area has not fully considering the spread of disaster risk that there are settlement area and the agricultural area which is in high landslide risk area. The concept of the arrangement of the spatial pattern of the study area will use zoning system which is divided into three zones namely core zone, buffer zone and development zone.

Keywords: spatial planning, geothermal, disaster risk, zoning

Procedia PDF Downloads 243

Authors: Francine Morales Tavares, Jose Alberto Rio Fernandes

Abstract:

The expanding concept of Heritage and the increased relevance of how heritage places relate to their surroundings is associated with an important shift in public heritage policies and how they consider the development of cities and communities, with an increasingly relevant role of management. Within the current discussions, management plans, mandatory since the year 2005 in areas classified by UNESCO as World Heritage, it is a tool for the reconciliation of cultural heritage demands with the needs of multiple users of a certain area, being especially critical in the case of urban areas with intense touristic pressure. Considering the transformations of the heritage policy management model, this paper discusses the practices on the integration of cultural heritage in urban policies through indicators which were selected from resource manual 'Managing Cultural World Heritage (2013)' and analyzed two case studies: The Management Plan of the Historic Centre of Porto (Portugal) and The Management Plan for the Historic Site of Olinda (Brazil). The empirical evidence concluded that for the historic centre of Porto the increase of tourism is the main aim driver in the management plan, with positive and negative aspects on the heritage management point of view, unlike Olinda, where the plan for the development of local urban policies was identified as essential. Plans also differ in form, content and process but coincide on being unaligned with committed local political leaders’ agendas, with the consequent misunderstandings between theory and practice, planning and management, and critically missing in the field integration of urban policies. Therefore, more debate about management plans, more efficient tools and also, appropriate methodologies to correlate cultural heritage and urban public policy are still lacking.

Keywords: world heritage, management plan, planning, urban policies

Procedia PDF Downloads 123

Authors: Freddy Houndekindo

Abstract:

A study was carried out to evaluate the flood risk in the district of Malanville located along the Niger River. The knowledge produce by this study is useful in the implementation of adaptation and/or mitigation measures to alleviate the impact of the flooding on the populations, the economy and the environment. Over the course of the study, the lack of data in the area of interest has been one of the main challenges encountered. Therefore, in the analysis of the flood hazard different sources of remotely sensed data were used. Moreover, the flood hazard was analysed by applying a 1D hydraulic model: HEC-RAS. After setting up the model for the study area, the different flood scenarios considered were simulated and mapped using ArcGIS and the HEC-GEORAS extension. The result of the simulation gave information about the inundated areas and the water depths at each location. From the analysis of the flood hazard, it was found that between 47% and 50% of the total area of the district of Malanville would be flooded in the different flood scenarios considered, and the water depth varies between 1 and 7 m. The townships of Malanville most at risk of flooding are Momkassa and Galiel, located in a high-risk and very high-risk zone, respectively. Furthermore, the assessment of the flood risk showed that the most vulnerable sector to the inundations is the agricultural sector. Indeed, the cultivated floodplains were the most affected areas by the floodwater in every flood scenarios. Knowing that a high proportion of the population of the district relies on their farmlands in these floodplains for their livelihood, the floods pose a challenge not only to the food security in the area but also to its development.

Keywords: flood risk management, Niger, remote sensing, vulnerability

Procedia PDF Downloads 119