Search results for: risks and vulnerabilities

Authors: Ezgi Nevruz, Kasirga Yildirak, Ashis SenGupta

Abstract:

Comparing or ranking risks is the main motivating factor behind the human trait of making choices. Cumulative prospect theory (CPT) is a preference theory approach that evaluates perception and bias in decision making under risk and uncertainty. We aim to investigate the aggregate claims of different risk classes in terms of their comparability and amenability to ordering when the impact of risk perception is considered. For this aim, we prioritize the aggregate claims taken as actuarial risks by using various stochastic ordering relations. In order to prioritize actuarial risks, we use stochastic relations such as stochastic dominance and stop-loss dominance that are proposed in the frame of partial order theory. We take into account the dependency of the individual claims exposed to similar environmental risks. At first, we modify the zero-utility premium principle in order to obtain a solution for the stop-loss premium under CPT. Then, we propose a stochastic stop-loss dominance of the aggregate claims and find a relation between the stop-loss dominance and the first-order stochastic dominance under the dependence assumption by using properties of the familiar as well as some emerging multivariate claim distributions.

Keywords: cumulative prospect theory, partial order theory, risk perception, stochastic dominance, stop-loss dominance

Procedia PDF Downloads 299

Authors: Érick Aragão Ribeiro, George André Pereira Thé, José Marques Soares

Abstract:

Several problems in industrial supervision software development projects may lead to the delay or cancellation of projects. These problems can be avoided or contained by using identification methods, analysis and control of risks. These procedures can give an overview of the possible problems that can happen in the projects and what are the immediate solutions. Therefore, we propose a risk management method applied to the teaching and development of industrial supervision software. The method is developed through a literature review and previous projects can be divided into phases of management and have basic features that are validated with experimental research carried out by mechatronics engineering students and professionals. The management is conducted through the stages of identification, analysis, planning, monitoring, control and communication of risks. Programmers use a method of prioritizing risks considering the gravity and the possibility of occurrence of the risk. The outputs of the method indicate which risks occurred or are about to happen. The first results indicate which risks occur at different stages of the project and what risks have a high probability of occurring. The results show the efficiency of the proposed method compared to other methods, showing the improvement of software quality and leading developers in their decisions. This new way of developing supervision software helps students identify design problems, evaluate software developed and propose effective solutions. We conclude that the risk management optimizes the development of the industrial process control software and provides higher quality to the product.

Keywords: supervision software, risk management, industrial supervision, project management

Procedia PDF Downloads 326

Authors: Wenqing Fan, Yixuan Cheng, Wei Huang

Abstract:

The diversity and complexity of modern IT systems make it almost impossible for internal teams to find vulnerabilities in all software before the software is officially released. The emergence of threat intelligence and vulnerability reporting policy has greatly reduced the burden on software vendors and organizations to find vulnerabilities. However, to prove the existence of the reported vulnerability, it is necessary but difficult for security incident response team to build a deliberated vulnerable environment from the vulnerability report with limited and incomplete information. This paper presents a structured, standardized, machine-oriented vulnerability intelligence format, that can be used to automate the orchestration of Deliberated Vulnerable Environment (DVE). This paper highlights the important role of software configuration and proof of vulnerable specifications in vulnerability intelligence, and proposes a triad model, which is called DIR (Dependency Configuration, Installation Configuration, Runtime Configuration), to define software configuration. Finally, this paper has also implemented a prototype system to demonstrate that the orchestration of DVE can be automated with the intelligence.

Keywords: DIR triad model, DVE, vulnerability intelligence, vulnerability recurrence

Procedia PDF Downloads 97

Authors: Ritsuko Kawasaki (Aiba), Takeshi Hiromatsu

Abstract:

Management is required to understand all information security risks within an organization, and to make decisions on which information security risks should be treated in what level by allocating how much amount of cost. However, such decision-making is not usually easy, because various measures for risk treatment must be selected with the suitable application levels. In addition, some measures may have objectives conflicting with each other. It also makes the selection difficult. Moreover, risks generally have trends and it also should be considered in risk treatment. Therefore, this paper provides the extension of the model proposed in the previous study. The original model supports the selection of measures by applying a combination of weighted average method and goal programming method for multi-objective analysis to find an optimal solution. The extended model includes the notion of weights to the risks, and the larger weight means the priority of the risk.

Keywords: information security risk treatment, selection of risk measures, risk acceptance, multi-objective optimization

Procedia PDF Downloads 428

Authors: Alfred Kamate Siviri, Angelus Mafikiri Tsongo, Jean Robert Kala Kamdjoug

Abstract:

Digitalization and information systems well organized have been selected as relevant measures to mitigate operational risks within organizations. Unfortunately, information system comes with new threats that can cause severe damage and quick organization lockout. This study aims to measure perceived information system risks and their effects on operational risks within the microfinance institution in D.R. Congo. Also, the factors influencing the operational risk are identified, and the link between operational risk with other risks and performance is to be assessed. The study proposes a research model drawn on the combination of Resources-Based-View, dynamic capabilities, the agency theory, the Information System Security Model, and social theories of risk. Therefore, we suggest adopting a mixed methods research with the sole aim of increasing the literature that already exists on perceived operational risk assessment and its link with other risk and performance, a focus on IT risk.

Keywords: Democratic Republic Congo, information system risk, microfinance performance, operational risk

Procedia PDF Downloads 193

Authors: Bambang Novianto, Rizal Aditya Herdianto, Raphael Bianco Huwae, Afifah, Alfonso Brolin Sihite, Rudi Lumanto

Abstract:

The mobile banking application is a type of mobile application that is growing rapidly. This is caused by the ease of service and time savings in making transactions. On the other hand, this certainly provides a challenge in security issues. The use of mobile banking can not be separated from cyberattacks that may occur which can result the theft of sensitive information or financial loss. The financial loss and the theft of sensitive information is the most avoided thing because besides harming the user, it can also cause a loss of customer trust in a bank. Cyberattacks that are often carried out against mobile applications are phishing, hacking, theft, misuse of data, etc. Cyberattack can occur when a vulnerability is successfully exploited. OWASP mobile Top 10 has recorded as many as 10 vulnerabilities that are most commonly found in mobile applications. In the others, android permissions also have the potential to cause vulnerabilities. Therefore, an overview of the profile of the mobile banking application becomes an urgency that needs to be known. So that it is expected to be a consideration of the parties involved for improving security. In this study, an experiment has been conducted to capture the profile of the mobile banking applications in Indonesia based on android permission and OWASP mobile top 10 2016. The results show that there are six basic vulnerabilities based on OWASP Mobile Top 10 that are most commonly found in mobile banking applications in Indonesia, i.e. M1:Improper Platform Usage, M2:Insecure Data Storage, M3:Insecure Communication, M5:Insufficient Cryptography, M7:Client Code Quality, and M9:Reverse Engineering. The most permitted android permissions are the internet, status network access, and telephone read status.

Keywords: mobile banking application, OWASP mobile top 10 2016, android permission, sensitive information, financial loss

Procedia PDF Downloads 113

Authors: E. Harrer, M. Mauerhofer, T. Werginz

Abstract:

As a result of intensive competition, the building sector is suffering from a high degree of rivalry. Furthermore, there can be observed an unbalanced distribution of project risks. Clients are aimed to shift their own risks into the sphere of the constructors or planners. The consequence of this is that the number of conflicts between the involved parties is inordinately high or even increasing; an alternative approach to counter on that developments are cooperative project forms in the construction sector. This research compares conventional contract models and models with partnering agreements to examine the influence on project risks by an early integration of the involved parties. The goal is to show up deviations in different project stages from the design phase to the project transfer phase. These deviations are evaluated by a survey of experts from the three spheres: clients, contractors and planners. By rating the influence of the participants on specific risk factors it is possible to identify factors which are relevant for a smooth project execution.

Keywords: building projects, contract models, partnering, project risks

Procedia PDF Downloads 245

Authors: Umut Tac, Leyla Tavacioglu, Pelin Bolat

Abstract:

Human factor has been one of the elements that cause vulnerabilities which can be resulted with accidents in maritime transportation. When the roots of human factor based accidents are analyzed, gaps in performing cognitive abilities (reaction time, attention, memory…) are faced as the main reasons for the vulnerabilities in complex environment of maritime systems. Thus cognitive processes in maritime systems have arisen important subject that should be investigated comprehensively. At this point, neurocognitive tests such as reaction time analysis tests have been used as coherent tools that enable us to make valid assessments for cognitive status. In this respect, the aim of this study is to evaluate the reaction time (response time or latency) of seafarers due to their occupational experience and age. For this study, reaction time for different maneuverers has been taken while the participants were performing a sea voyage through a simulator which was run up with a certain scenario. After collecting the data for reaction time, a statistical analyze has been done to understand the relation between occupational experience and cognitive abilities.

Keywords: cognitive abilities, human factor, neurocognitive test battery, reaction time

Procedia PDF Downloads 275

Authors: Julinda Keçi

Abstract:

In many countries, governments have been promoting the involvement of private sector entities to enter into long-term agreements for the development and delivery of large infrastructure projects, with a focus on overcoming the limitations upon public fund of the traditional approach. The involvement of private sector through public-private partnerships (PPP) brings in new capital investments, value for money and additional risks to handle. Worldwide research studies have shown that an objective, systematic, reliable and user-oriented risk assessment process and an optimal allocation mechanism among different stakeholders is crucial to the successful completion. In this framework this paper, which is the first stage of a research study, aims to identify the main risks for the delivery of PPP projects. A review of cross-countries research projects and case studies was performed to map the key risks affecting PPP infrastructure delivery. The matrix of mapping offers a summary of the frequency of factors, clustered in eleven categories: Construction, Design, Economic, Legal, Market, Natural, Operation, Political, Project finance, Project selection and Relationship. Results will highlight the most critical risk factors, and will hopefully assist the project managers in directing the managerial attention in the further stages of risk allocation.

Keywords: construction, infrastructure, public private partnerships, risks

Procedia PDF Downloads 404

Authors: Ragi Poyyara, V. Vivek, Ashish Khaparde

Abstract:

The Product Development Process (PDP) in the technology group plays a very important role in the launch of any product. While a manufacturing process encourages the use of certain measures to reduce Health, Safety and Environmental (HSE) risks on the shop floor, the PDP concentrates on the use of Geometric Dimensioning and Tolerancing (GD&T) to develop a flawless design. Furthermore, PDP distributes and coordinates activities between different departments such as marketing, purchasing, and manufacturing. However, it is seldom realized that PDP makes a significant contribution to developing a product that reduces HSE risks by encouraging the Technology group to use effective GD&T. The GD&T is a precise communication tool that uses a set of symbols, rules, and definitions to mathematically define parts to be manufactured. It is a quality assurance method widely used in the oil and gas sector. Traditionally it is used to ensure the interchangeability of a part without affecting its form, fit, and function. Parts that do not meet these requirements are rejected during quality audits. This paper discusses how the Technology group integrates this quality assurance tool into the PDP and how the tool plays a major role in helping the HSE department in its goal towards eliminating HSE incidents. The PDP involves a thorough risk assessment and establishes a method to address those risks during the design stage. An illustration shows how GD&T helped reduce safety risks by ergonomically improving assembling operations. A brief discussion explains how tolerances provided on a part help prevent finger injury. This tool has equipped Technology to produce fixtures, which are used daily in operations as well as manufacturing. By applying GD&T to create good fits, HSE risks are mitigated for operating personnel. Both customers and service providers benefit from reduced safety risks.

Keywords: HSE risks, product development process, geometric dimensioning and tolerances, mechanical engineering

Procedia PDF Downloads 203

Authors: Sergey V. Vinogradov

Abstract:

Coastal communities are presently facing increased vulnerabilities due to rising sea levels and shifts in global climate patterns, a trend expected to escalate in the long run. To address the needs of government entities, the public sector, and private enterprises, there is an urgent need to thoroughly investigate, assess, and manage the present and projected risks associated with coastal flooding, including storm surges, sea level rise, and nuisance flooding. In response to these challenges, a practical approach to evaluating storm surge inundation risks has been developed. This methodology offers an integrated assessment of potential flood risk in targeted coastal areas. The physical modeling framework involves simulating synthetic storms and utilizing hydrodynamic models that align with projected future climate and ocean conditions. Both publicly available and site-specific data form the basis for a risk assessment methodology designed to translate inundation model outputs into statistically significant projections of expected financial and operational consequences. This integrated approach produces measurable indicators of impacts stemming from floods, encompassing economic and other dimensions. By establishing connections between the frequency of modeled flood events and their consequences across a spectrum of potential future climate conditions, our methodology generates probabilistic risk assessments. These assessments not only account for future uncertainty but also yield comparable metrics, such as expected annual losses for each inundation event. These metrics furnish stakeholders with a dependable dataset to guide strategic planning and inform investments in mitigation. Importantly, the model's adaptability ensures its relevance across diverse coastal environments, even in instances where site-specific data for analysis may be limited.

Keywords: climate, coastal, surge, risk

Procedia PDF Downloads 29

Authors: J. K. Visser, H. T. Malan

Abstract:

A need exists to identify the sources of risks associated with the process automation systems within petrochemical companies or similar energy related industries. These companies use many different process automation technologies in its value chain. A crucial part of the process automation system is the information technology component featuring in the supervisory control layer. The ever-changing technology within the process automation layers and the rate at which it advances pose a risk to safe and predictable automation system performance. The age of the automation equipment also provides challenges to the operations and maintenance managers of the plant due to obsolescence and unavailability of spare parts. The main objective of this research was to determine the risk sources associated with the equipment that is part of the process automation systems. A secondary objective was to establish whether technology managers and technicians were aware of the risks and share the same viewpoint on the importance of the risks associated with automation systems. A conceptual model for risk sources of automation systems was formulated from models and frameworks in literature. This model comprised six categories of risk which forms the basis for identifying specific risks. This model was used to develop a questionnaire that was sent to 172 instrument technicians and technology managers in the company to obtain primary data. 75 completed and useful responses were received. These responses were analyzed statistically to determine the highest risk sources and to determine whether there was difference in opinion between technology managers and technicians. The most important risks that were revealed in this study are: 1) the lack of skilled technicians, 2) integration capability of third-party system software, 3) reliability of the process automation hardware, 4) excessive costs pertaining to performing maintenance and migrations on process automation systems, and 5) requirements of having third-party communication interfacing compatibility as well as real-time communication networks.

Keywords: distributed control system, identification of risks, information technology, process automation system

Procedia PDF Downloads 103

Authors: Raya Al Khayari, Rasha Al Jassim, Muna Al Balushi, Fatma Al Moqbali, Said El Hajjar

Abstract:

This study utilizes linear regression analysis to investigate the correlation between user account passwords and the probability of civil ID exposure, offering statistical insights into civil ID security. The study employs multiple linear regression (MLR) analysis to further investigate the elements that influence consumers’ views of civil ID security. This aims to increase awareness and improve preventive measures. The results obtained from the MLR analysis provide a thorough comprehension and can guide specific educational and awareness campaigns aimed at promoting improved security procedures. In summary, the study’s results offer significant insights for improving existing security measures and developing more efficient tactics to reduce risks related to civil ID security in Oman. By identifying key factors that impact consumers’ perceptions, organizations can tailor their strategies to address vulnerabilities effectively. Additionally, the findings can inform policymakers on potential regulatory changes to enhance civil ID security in the country.

Keywords: civil-id disclosure, awareness, linear regression, multiple regression

Procedia PDF Downloads 4

Authors: Emma Carr, Bilal Aslam-Pervez, David Laraway

Abstract:

Litigation against surgeons and hospitals continues to increase in Western countries. While verbal consent is all that is required legally, it has for a long time been considered that written consent offers proof of discussion and interaction between the surgeon and the patient. Inadequate consenting of patients continues in the United Kingdom leaving surgeons and Health Trusts open to litigation. We present a standardised consent form which improves patient autonomy and engagement. The General Medical Council recommends that all material risks relevant to the patient are discussed and recorded prior to undergoing surgery, regardless of how likely they are to occur. Current literature was reviewed to evaluate complications associated with surgical management of mandible fractures. Analysis of risks on 52 consent forms were analysed within the Glasgow OMFS department, leading to a procedure-specific form being designed and implemented. This audit showed that the documentation of risks on consent forms was extremely variable- with uncommon risks not being recorded. Interestingly, not a single consent form was found which highlighted all the risks associated with mandible fractures. Our re-audit data confirms 100% of risks being discussed when a procedure specific form is utilised. Our hope, is to introduce further forms for inclusion on the BAOMS website and peripheral distribution. The forms are quick and easy to print and leave more time for consultation with the patient. Whilst we are under no illusion that the forms may not decrease the incidence of intended litigation, we feel confident that they will decrease the chances of it being successful.

Keywords: consent, litigation, mandible fracture, surgery

Procedia PDF Downloads 162

Authors: Negar Ganjouhaghighi, Amirali Dolatshahi

Abstract:

The origin of most risks of a mega project usually takes place in the phases before closing the contract. As a practical point of view, using project risk management techniques for preparing a proposal is not a total solution for managing the risks of a contract. The objective of this paper is to cover all those activities associated with risk management of a mega project sale’s processes; from entrance to a new market to awarding activities and the review of contract performance. In this study, the risk management happens in six consecutive steps that are divided into three distinct but interdependent phases upstream of the award of the contract: pre-tendering, tendering and closing. In the first step, by preparing standard market risk report, risks of the new market are identified. The next step is the bid or no bid decision making based on the previous gathered data. During the next three steps in tendering phase, project risk management techniques are applied for determining how much contingency reserve must be added or reduced to the estimated cost in order to put the residual risk to an acceptable level. Finally, the last step which happens in closing phase would be an overview of the project risks and final clarification of residual risks. The sales experience of more than 20,000 MW turn-key power plant projects alongside this framework, are used to develop a software that assists the sales team to have a better project risk management.

Keywords: project marketing, risk management, tendering, project management, turn-key projects

Procedia PDF Downloads 301

Authors: Jaimin Patel

Abstract:

Cloud computing is one of the most sharp and important movement in various computing technologies. It provides flexibility to users, cost effectiveness, location independence, easy maintenance, enables multitenancy, drastic performance improvements, and increased productivity. On the other hand, there are also major issues like security. Being a common server, security for a cloud is a major issue; it is important to provide security to protect user’s private data, and it is especially important in e-commerce and social networks. In this paper, encryption algorithms such as Advanced Encryption Standard algorithms, their vulnerabilities, risk of attacks, optimal time and complexity management and comparison with other algorithms based on software implementation is proposed. Encryption techniques to improve the performance of AES algorithms and to reduce risk management are given. Secure Hash Algorithms, their vulnerabilities, software implementations, risk of attacks and comparison with other hashing algorithms as well as the advantages and disadvantages between hashing techniques and encryption are given.

Keywords: Cloud computing, encryption algorithm, secure hashing algorithm, brute force attack, birthday attack, plaintext attack, man in middle attack

Procedia PDF Downloads 250

Authors: Yousef S. Al-Othman

Abstract:

The growth and expansion of the industrial facilities comes proportional to the market increasing demand of products and services. Furthermore, raw material producers such as oil companies usually undergo massive revamping projects to maintain a synchronized supply. These revamping projects are usually delivered through challenging construction projects held and associated with daily site risks related to the construction process. Henceforth, a case study related to these risks and corresponding on-spot corrective measurements has been made on a certain number of construction project contractors at Kuwait Oil Company (KOC) to derive the benefits and overall effectiveness of the on-spot corrective measurements during the construction phase of a project, and how would the same help in avoiding major incidents, ensuring a smooth, cost effective and on time delivery of the project. Findings of this case study shall have an added value to the overall risk management process by minimizing the daily site risks that may affect the project lead time, resulting in an undisturbed on-site construction process.

Keywords: oil and gas, risk management, construction projects, project lead time

Procedia PDF Downloads 83

Authors: Onyekachi Onwudike, Russell Lock, Iain Phillips

Abstract:

The variability that exists across governments, her departments and the provisioning of services has been areas of concern in the E-Government domain. There is a need for reuse and integration across government departments which are accompanied by varying degrees of risks and threats. There is also the need for assessment, prevention, preparation, response and recovery when dealing with these risks or threats. The ability of a government to cope with the emerging changes that occur within it is known as resilience. In order to forge ahead with concerted efforts to manage reuse and integration induced risks or threats to governments, the ambiguities contained within resilience must be addressed. Enhancing resilience in the E-Government domain is synonymous with reducing risks governments face with provisioning of services as well as reuse of components across departments. Therefore, it can be said that resilience is responsible for the reduction in government’s vulnerability to changes. In this paper, we present the use of the ontology to measure the resilience of governments. This ontology is made up of a well-defined construct for the taxonomy of resilience. A specific class known as ‘Resilience Requirements’ is added to the ontology. This class embraces the concept of resilience into the E-Government domain ontology. Considering that the E-Government domain is a highly complex one made up of different departments offering different services, the reliability and resilience of the E-Government domain have become more complex and critical to understand. We present questions that can help a government access how prepared they are in the face of risks and what steps can be taken to recover from them. These questions can be asked with the use of queries. The ontology focuses on developing a case study section that is used to explore ways in which government departments can become resilient to the different kinds of risks and threats they may face. A collection of resilience tools and resources have been developed in our ontology to encourage governments to take steps to prepare for emergencies and risks that a government may face with the integration of departments and reuse of components across government departments. To achieve this, the ontology has been extended by rules. We present two tools for understanding resilience in the E-Government domain as a risk analysis target and the output of these tools when applied to resilience in the E-Government domain. We introduce the classification of resilience using the defined taxonomy and modelling of existent relationships based on the defined taxonomy. The ontology is constructed on formal theory and it provides a semantic reference framework for the concept of resilience. Key terms which fall under the purview of resilience with respect to E-Governments are defined. Terms are made explicit and the relationships that exist between risks and resilience are made explicit. The overall aim of the ontology is to use it within standards that would be followed by all governments for government-based resilience measures.

Keywords: E-Government, Ontology, Relationships, Resilience, Risks, Threats

Procedia PDF Downloads 314

Authors: Jean Rosemond Dora, Karol Nemoga

Abstract:

In this work, we tackle a frequent problem that frequently occurs in the cybersecurity field which is the exploitation of websites by XSS attacks, which are nowadays considered a complicated attack. These types of attacks aim to execute malicious scripts in a web browser of the client by including code in a legitimate web page. A serious matter is when a website accepts the “user-input” option. Attackers can exploit the web application (if vulnerable), and then steal sensitive data (session cookies, passwords, credit cards, etc.) from the server and/or from the client. However, the difficulty of the exploitation varies from website to website. Our focus is on the usage of ontology in cybersecurity against XSS attacks, on the importance of the ontology, and its core meaning for cybersecurity. We explain how a vulnerable website can be exploited, and how different JavaScript payloads can be used to detect vulnerabilities. We also enumerate some tools to use for an efficient analysis. We present detailed reasoning on what can be done to improve the security of a website in order to resist attacks, and we provide supportive examples. Then, we apply an ontology model against XSS attacks to strengthen the protection of a web application. However, we note that the existence of ontology does not improve the security itself, but it has to be properly used and should require a maximum of security layers to be taken into account.

Keywords: cybersecurity, web application vulnerabilities, cyber threats, ontology model

Procedia PDF Downloads 135

Authors: G. A. Gevorgyan, K. A. Ghazaryan, T. H. Derdzyan

Abstract:

The heavy metal pollution of the soils around the mining area near Shamlugh town and related risks to human health were assessed. The investigations showed that the soils were polluted with heavy metals that can be ranked by anthropogenic pollution degree as follows: Cu>Pb>As>Co>Ni>Zn. The main sources of the anthropogenic metal pollution of the soils were the copper mining area near Shamlugh town, the Chochkan tailings storage facility and the trucks transferring are from the mining area. Copper pollution degree in some observation sites was unallowable for agricultural production. The total non-carcinogenic chronic hazard index (THI) values in some places, including observation sites in Shamlugh town, were above the safe level (THI<1) for children living in this territory. Although the highest heavy metal enrichment degree in the soils was registered in case of copper, the highest health risks to humans especially children were posed by cobalt which is explained by the fact that heavy metals have different toxicity levels and penetration characteristics.

Keywords: Armenia, copper mine, heavy metal pollution of soil, health risks

Procedia PDF Downloads 391

Authors: Laura Ramona Nae

Abstract:

The issue of risks faced by companies providing tourist and hotel services in the HoReCa field, related to the goods belonging to consumer tourists left in hotel storage, has acquired a new dimension in the context of the economic and geo-political influences that have recently intervened at the global level. Thus, hoteliers and not only had to create contractual mechanisms regarding the risks and to protect the businesses in this field of activity. This situation has led to a reassessment of the importance of insurance, in particular with regard to hotel liability insurance-premises liability, safety, and security of goods. Interpretation of clauses in contracts concluded between hoteliers and tourists consuming hotel services and products, all the more so in the current pandemic context of Covid 19, stressed the increase in the number of disputes generated by them. This article presents a general picture of the significance of the risks related to the activity carried out in the hospitality industry, tourism, respectively within the HoReCa field. The study mainly marks the specificities of the hotel deposit contract, as well as the related insurance specific to the field, as a way to cover these risks. The article also refers to alternative methods of out-of-court settlement of disputes (ADR) in the HoReCa domain, generally used in both Romania and the European Union.

Keywords: consumer tourist, disputes and ADR methods, deposit contract, hotel warehouse and hotelier insurance, hotel services and tourist products, HoReCa

Procedia PDF Downloads 28

Authors: Jingwen Shi, Qi Wu

Abstract:

We study the role played interest rate risk in carry trade return in order to understand the forward premium puzzle. In this study, our goal is to investigate to what extent carry trade return is indeed due to compensation for risk taking and, more important, to reveal the nature of these risks. Using option data not only on exchange rates but also on interest rate swaps (swaptions), our first finding is that, besides the consensus currency risks, interest rate risks also contribute a non-negligible portion to the carry trade return. What strikes us is our second finding. We find that large downside risks of future exchange rate movements are, in fact, priced significantly in option market on interest rates. The role played by interest rate risk differs structurally from the currency risk. There is a unique premium associated with interest rate risk, though seemingly small in size, which compensates the tail risks, the left tail to be precise. On the technical front, our study relies on accurately retrieving implied distributions from currency options and interest rate swaptions simultaneously, especially the tail components of the two. For this purpose, our major modeling work is to build a new international asset pricing model where we use an orthogonal setup for pricing kernels and specify non-Gaussian dynamics in order to capture three sets of option skew accurately and consistently across currency options and interest rate swaptions, domestic and foreign, within one model. Our results open a door for studying forward premium anomaly through implied information from interest rate derivative market.

Keywords: carry trade, forward premium anomaly, FX option, interest rate swaption, implied volatility skew, uncovered interest rate parity

Procedia PDF Downloads 417

Authors: Anders Thorsén, Behrooz Sangchoolie, Peter Folkesson, Ted Strandberg

Abstract:

As more parts of the power grid become connected to the internet, the risk of cyberattacks increases. To identify the cybersecurity threats and subsequently reduce vulnerabilities, the common practice is to carry out a cybersecurity risk assessment. For safety classified systems and products, there is also a need for safety risk assessments in addition to the cybersecurity risk assessment in order to identify and reduce safety risks. These two risk assessments are usually done separately, but since cybersecurity and functional safety are often related, a more comprehensive method covering both aspects is needed. Some work addressing this has been done for specific domains like the automotive domain, but more general methods suitable for, e.g., intelligent distributed grids, are still missing. One such method from the automotive domain is the Security-Aware Hazard Analysis and Risk Assessment (SAHARA) method that combines safety and cybersecurity risk assessments. This paper presents an approach where the SAHARA method has been modified in order to be more suitable for larger distributed systems. The adapted SAHARA method has a more general risk assessment approach than the original SAHARA. The proposed method has been successfully applied on two use cases of an intelligent distributed grid.

Keywords: intelligent distribution grids, threat analysis, risk assessment, safety, cybersecurity

Procedia PDF Downloads 122

Authors: Sayed Amir Hamzeh Mirkheshti

Abstract:

Offshore wind energy as a strategic renewable energy, has been growing rapidly due to availability, abundance and clean nature of it. On the other hand, budget of this project is incredibly higher in comparison with other renewable energies and it takes more duration. Accordingly, precise estimation of time and cost is needed in order to promote awareness in the developers and society and to convince them to develop this kind of energy despite its difficulties. Occurrence risks during on project would cause its duration and cost constantly changed. Therefore, to develop offshore wind power, it is critical to consider all potential risks which impacted project and to simulate their impact. Hence, knowing about these risks could be useful for the selection of most influencing strategies such as avoidance, transition, and act in order to decrease their probability and impact. This paper presents an evaluation of the feasibility of 500 MV offshore wind project in the Persian Gulf and compares its situation with uncertainty resources and risk. The purpose of this study is to evaluate time and cost of offshore wind project under risk circumstances and uncertain resources by using Monte Carlo simulation. We analyzed each risk and activity along with their distribution function and their effect on the project.

Keywords: wind energy project, uncertain resources, risks, Monte Carlo simulation

Procedia PDF Downloads 328

Authors: Masa Popovac, Philip Fine

Abstract:

Information and Communication Technologies (ICTs) have altered our social environments, and young people in particular have immersed themselves in the digital age. Despite countless benefits, younger ICT users are being exposed to various online risks such as contact with strangers, viewing of risky content, sending or receiving sexually themed images or comments (i.e. ‘sexting’) as well as cyber bullying. Parents may not be fully aware of the online spaces their children inhabit and often struggle to implement effective mediation strategies. This quantitative study explored (i) three types of online risks (contact risks, content risks and conduct risks), (ii) cyber bullying victimization and perpetration, and (iii) parental mediation among a sample of 689 South African adolescents aged between 12-17 years. Survey data was also collected for 227 of their parents relating to their perceptions of their child’s online experiences. A comparison between adolescent behaviors and parental perceptions was examined on the three variables in the study. Findings reveal various online risk taking behaviors. In terms of contact risks, 56% of adolescents reported having contact with at least one online stranger, with many meeting these strangers in person. Content risks included exposure to harmful information such as websites promoting extreme diets or self-harm as well as inappropriate content: 84% of adolescents had seen violent content and 75% had seen sexual content online. Almost 60% of adolescents engaged in conduct risks such as sexting. Eight online victimization behaviors were examined in the study and 79% of adolescents had at least one of these negative experiences, with a third (34%) defining this experience as cyber bullying. A strong connection between victimization and perpetration was found, with 63% of adolescents being both a victim and perpetrator. Very little parental mediation of ICT use was reported. Inferential statistics revealed that parents consistently underestimated their child’s online risk taking behaviors as well as their cyber bullying victimization and perpetration. Parents also overestimated mediation strategies in the home. The generational gap in the knowledge and use of ICTs is a barrier to effective parental mediation and online safety, since many negative online experiences by adolescents go undetected and can continue for extended periods of time thereby exacerbating the potential psychological and emotional distress. The study highlights the importance of including parents in online safety efforts.

Keywords: cyber bullying, online risk behaviors, parental mediation, South Africa

Procedia PDF Downloads 452

Authors: Yuhong Li, Luyu Mao

Abstract:

Globalization has led to an increasingly interconnected international community and transmitted risks to every corner of the world through the chain of globalization. Security risks arising from international conflicts seem inescapable. Some countries have begun to build their capacity to deal with the globalization of security risks. They establish disembedding security mechanisms that transcend spatial or temporal boundaries and promote security cooperation with countries or regions that are not geographically close. This paper proposes four hypotheses of the phenomenon of "risks and security disembedding" in the post-Cold War international society and uses them to explain The United Kingdom’s behavior in the Bosnian War and the Russo-Ukrainian War. In the Bosnian War, confident in its own security and focused on maintaining European stability, The UK has therefore chosen to be cautious in its use of force in international frameworks such as the EU and to maintain a very limited intervention in Bosnia and Herzegovina's affairs. In contrast, the failure of the EU and NATO’s security mechanism in the Russo-Ukrainian war heightened Britain's anxiety, and the volatile international situation led it to show a strong tendency towards security disembedding, choosing to conclude security communities with extra-territorial states. Analysis suggests that security mechanisms are also the starting point of conflict and that countries will rely more on disembedding mechanisms to counteract the global security risks. The current mechanism of security disembedding occurs as a result of the global proliferation of security perceptions as a symbolic token and the recognition of an expert system of security mechanisms formed by states with similar security perceptions.

Keywords: disembedding mechanism, bosnia war, the russian-ukrainian war, british security strategy

Procedia PDF Downloads 52

Authors: Taeho Park, Ming Zhou, Sangryul Shim

Abstract:

With the emergence of the global economy, today’s business environment is getting more competitive than ever in the past. And many supply chain (SC) strategies and operations have significantly been altered over the past decade to overcome more complexities and risks imposed onto the global business. First, offshoring and outsourcing are more adopted as operational strategies. Manufacturing continues to move to better locations for enhancing competitiveness. Second, international operations are a challenge to a company’s SC system. Third, the products traded in the SC system are not just physical goods, but also digital goods (e.g., software, e-books, music, video materials). There are three main flows involved in fulfilling the activities in the SC system: physical flow, information flow, and financial flow. An advance of the Internet and electronic communication technologies has enabled companies to perform the flows of SC activities in electronic formats, resulting in the advent of an electronic supply chain management (e-SCM) system. A SC system for digital goods is somewhat different from the supply chain system for physical goods. However, it involves many similar or identical SC activities and flows. For example, like the production of physical goods, many third parties are also involved in producing digital goods for the production of components and even final products. This research aims at identifying process flows of both physical and digital goods in a SC system, and then investigating all risk elements involved in the physical, information, and financial flows during the fulfilment of SC activities. There are many risks inherent in the e-SCM system. Some risks may have severe impact on a company’s business, and some occur frequently but are not detrimental enough to jeopardize a company. Thus, companies should assess the impact and frequency of those risks, and then prioritize them in terms of their severity, frequency, budget, and time in order to be carefully maintained. We found risks involved in the global trading of physical and digital goods in four different categories: environmental risk, strategic risk, technological risk, and operational risk. And then the significance of those risks was investigated through a survey. The survey asked companies about the frequency and severity of the identified risks. They were also asked whether they had faced those risks in the past. Since the characteristics and supply chain flows of digital goods are varying industry by industry and country by country, it is more meaningful and useful to analyze risks by industry and country. To this end, more data in each industry sector and country should be collected, which could be accomplished in the future research.

Keywords: digital goods, e-SCM, risk analysis, supply chain flows

Procedia PDF Downloads 390

Authors: Rossouw De Bruin, Sebastiaan H. Von Solms

Abstract:

The state of national security is an evolving concern. Companies, organizations, governments, states and individuals are aware of the security of their information and their assets however, they may not always be aware of the risks present. These risks are not only limited to non-existence of security procedures. Existing security can be severely flawed, especially if there is non-conformance towards policies, practices and procedures. When looking at humanitarian actions, we can easily identify these flaws. Unfortunately, humanitarian aid has to compete with factors from within the states, countries and continents they are working in. Furthermore, as technology improves, so does our connectivity to the internet and the way in which we use the internet. However, there are times when security is overlooked and humanitarian agencies are some of the agencies that do not always take security into consideration. The purpose of this paper will be to introduce the importance of cybersecurity and cybersecurity governance with respect to humanitarian work. We will also introduce and briefly discuss a model that can be used by humanitarian agencies to assess, manage and maintain their cybersecurity efforts.

Keywords: humanities, cybersecurity, cybersecurity governance, maturity, cybersecurity maturity, maturity model

Procedia PDF Downloads 234

Authors: Princess Ncube

Abstract:

In the context of South Africa's banking sector, the prevention of bank failures is of paramount importance to ensure financial stability and economic growth. This paper focuses on the role of regulatory frameworks in safeguarding the resilience of South African banks and mitigating the risks of failures. It aims to assess the effectiveness of existing regulatory measures and proposes strategies to enhance the resilience of financial institutions in the country. The paper begins by examining the specific regulatory frameworks in place in South Africa, including capital adequacy requirements, stress testing methodologies, risk management guidelines, and supervisory practices. It delves into the evolution of these measures in response to lessons learned from past financial crises and their relevance in the unique South African banking landscape. Drawing on empirical evidence and case studies specific to South Africa, this paper evaluates the effectiveness of regulatory frameworks in preventing bank failures within the country. It analyses the impact of these frameworks on crucial aspects such as early detection of distress signals, improvements in risk management practices, and advancements in corporate governance within South African financial institutions. Additionally, it explores the interplay between regulatory frameworks and the specific economic environment of South Africa, including the role of macroprudential policies in preventing systemic risks. Based on the assessment, this paper proposes recommendations to strengthen regulatory frameworks and enhance their effectiveness in bank failure prevention in South Africa. It explores avenues for refining existing regulations to align capital requirements with the risk profiles of South African banks, enhancing stress testing methodologies to capture specific vulnerabilities, and fostering better coordination among regulatory authorities within the country. Furthermore, it examines the potential benefits of adopting innovative approaches, such as leveraging technology and data analytics, to improve risk assessment and supervision in the South African banking sector.

Keywords: banks, resolution, liquidity, regulation

Procedia PDF Downloads 55

Authors: Babanyara Y. Y., Ibrahim D. B., Garba T., Bogoro A. G., Abubakar, M. Y.

Abstract:

Medical care is vital for our life, health, and well-being. However, the waste generated from medical activities can be hazardous, toxic, and even lethal because of their high potential for diseases transmission. The hazardous and toxic parts of waste from healthcare establishments comprising infectious, medical, and radioactive material as well as sharps constitute a grave risks to mankind and the environment, if these are not properly treated/disposed or are allowed to be mixed with other municipal waste. In Nigeria, practical information on this aspect is inadequate and research on the public health implications of poor management of medical wastes is few and limited in scope. Findings drawn from Literature particularly in the third world countries highlights financial problems, lack of awareness of risks involved in MWM, lack of appropriate legislation and lack of specialized MWM staff. The paper recommends how MWM practices can be improved in medical facilities.

Keywords: environmental pollution, infectious, management, medical waste, public health

Procedia PDF Downloads 278