Search results for: risks management

Authors: Abdullahi Mohamud Sharif, Mohd. Zaidi Abd. Rozan

Abstract:

Risk Assessment Tool (RAT) is an expert system that assesses, monitors, and gives preliminary treatments automatically based on the project plan. In this paper, a review was taken out for the current project time management risk assessment tools for SME software development projects, analyze risk assessment parameters, conditions, scenarios, and finally propose risk assessment tool (RAT) model to assess, treat, and monitor risks. An implementation prototype system is developed to validate the model.

Keywords: Project Time Management, Risk Assessment Tool(RAT), Small and Medium Enterprises (SME).

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2277

Authors: Mária Hudáková, Vladimír Míka, Katarína Hollá

Abstract:

Making decisions is the core of management and a result of conscious activities which is under way in a particular environment and concrete conditions. The managers decide about the goals, procedures and about the methods how to respond to the changes and to the problems which developed. Their decisions affect the effectiveness, quality, economy and the overall successfulness in every organisation. In spite of this fact, they do not pay sufficient attention to the individual steps of the decision-making process. They emphasise more how to cope with the individual methods and techniques of making decisions and forget about the way how to cope with analysing the problem or assessing the individual solution variants. In many cases, the underestimating of the analytical phase can lead to an incorrect assessment of the problem and this can then negatively influence its further solution. Based on our analysis of the theoretical solutions by individual authors who are dealing with this area and the realised research in Slovakia and also abroad we can recognise an insufficient interest of the managers to assess the risks in the decision-making process. The goal of this paper is to assess the risks in the managers´ decision-making process relating to the conditions of the environment, to the subject’s activity (the manager’s personality), to the insufficient assessment of individual variants for solving the problems but also to situations when the arisen problem is not solved. The benefit of this paper is the effort to increase the need of the managers to deal with the risks during the decision-making process. It is important for every manager to assess the risks in his/her decision-making process and to make efforts to take such decisions which reflect the basic conditions, states and development of the environment in the best way and especially for the managers´ decisions to contribute to achieving the determined goals of the organisation as effectively as possible.

Keywords: Risk, decision-making, manager, process, analysis, source of risk.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1749

Authors: Myriam Noureddine, Rachid Noureddine

Abstract:

Following the current economic challenges and competition, all systems, whatever their field, must be efficient and operational during their activity. In this context, it is imperative to anticipate, identify, eliminate and estimate the failures of systems, which may lead to an interruption of their function. This need requires the management of possible risks, through an assessment of the failures criticality following a dependability approach. On the other hand, at the time of new information technologies and considering the networks field evolution, the data transmission has evolved towards a multipoint communication, which can simultaneously transmit information from a sender to multiple receivers. This article proposes the failures criticality assessment of a multipoint communication network, integrates a database of network failures and their quantifications. The proposed approach is validated on a case study and the final result allows having the criticality matrix associated with failures on the considered network, giving the identification of acceptable risks.

Keywords: Dependability, failure, multipoint network, criticality matrix.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1556

Authors: Fauziah Hanim Tafri, Zarinah Hamid, Ahamed Kameel Mydin Meera, Mohd Azmi Omar

Abstract:

This paper examines the relationship between financial risks and profitability of the conventional and Islamic banks in Malaysia for the period between 1996 and 2005. The measures of profitability that have been used in the study are the return on equity (ROE) and return on assets (ROA) while the financial risks are credit risk, interest rate risk and liquidity risks. This study employs panel data regression analysis of Generalised Least Squares of fixed effects and random effects models. It was found that credit risk has a significant impact on ROA and ROE for the conventional as well as the Islamic banks. The relationship between interest rate risk and ROE were found to be weakly significant for the conventional banks and insignificant for the Islamic banks. The effect of interest rate risk on ROA is significant for the conventional banks. Liquidity risk was found to have an insignificant impact on both profitability measures.

Keywords: Credit risk, interest rate risk, liquidity risk, market risk, profitability.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 5751

Authors: Gyoutae Park, Geunjun Lyu, Yeonjae Lee, Wooksuk Kim, Jaheon Gu, Sanguk Ahn, Hiesik Kim

Abstract:

In this paper, we propose a system for preventing gas risks through the use of wireless communication modules and intelligent gas safety appliances. Our system configuration consists of an automatic extinguishing system, detectors, a wall-pad, and a microcomputer controlled micom gas meter to monitor gas flow and pressure as well as the occurrence of earthquakes. The automatic fire extinguishing system checks for both combustible gaseous leaks and monitors the environmental temperature, while the detector array measures smoke and CO gas concentrations. Depending on detected conditions, the micom gas meter cuts off an inner valve and generates a warning, the automatic fire-extinguishing system cuts off an external valve and sprays extinguishing materials, or the sensors generate signals and take further action when smoke or CO are detected. Information on intelligent measures taken by the gas safety appliances and sensors are transmitted to the wall-pad, which in turn relays this as real time data to a server that can be monitored via an external network (BcN) connection to a web or mobile application for the management of gas safety. To validate this smart-home gas management system, we field-tested its suitability for use in Korean apartments under several scenarios.

Keywords: Gas sensor, leak, gas safety, gas meter, gas risk, wireless communication.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2656

Authors: G. A. Gevorgyan, K. A. Ghazaryan, T. H. Derdzyan

Abstract:

The heavy metal pollution of the soils around the mining area near Shamlugh town and related risks to human health were assessed. The investigations showed that the soils were polluted with heavy metals that can be ranked by anthropogenic pollution degree as follows: Cu>Pb>As>Co>Ni>Zn. The main sources of the anthropogenic metal pollution of the soils were the copper mining area near Shamlugh town, the Chochkan tailings storage facility and the trucks transferring ore from the mining area. Copper pollution degree in some observation sites was unallowable for agricultural production. The total non-carcinogenic chronic hazard index (THI) values in some places, including observation sites in Shamlugh town, were above the safe level (THI<1) for children living in this territory. Although the highest heavy metal enrichment degree in the soils was registered in case of copper, however, the highest health risks to humans especially children were posed by cobalt which is explained by the fact that heavy metals have different toxicity levels and penetration characteristics.

Keywords: Armenia, copper mine, heavy metal pollution of soil, health risks.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2335

Authors: M. N. Huda, S. Yamada, N. Sonehara

Abstract:

Probability-based identity disclosure risk measurement may give the same overall risk for different anonymization strategy of the same dataset. Some entities in the anonymous dataset may have higher identification risks than the others. Individuals are more concerned about higher risks than the average and are more interested to know if they have a possibility of being under higher risk. A notation of overall risk in the above measurement method doesn-t indicate whether some of the involved entities have higher identity disclosure risk than the others. In this paper, we have introduced an identity disclosure risk measurement method that not only implies overall risk, but also indicates whether some of the members have higher risk than the others. The proposed method quantifies the overall risk based on the individual risk values, the percentage of the records that have a risk value higher than the average and how larger the higher risk values are compared to the average. We have analyzed the disclosure risks for different disclosure control techniques applied to original microdata and present the results.

Keywords: Anonymization, microdata, disclosure risk, privacy.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1328

Authors: Ali Jafari, Hatam Godini, Saed Hamed Mirhousaini

Abstract:

This paper presents an overview of current municipal solid waste management in Khoram Abad city. According to data collected by the local authorities, the waste generation rate is estimated to be 800 g/cap.d with density of 243 kg/m3. Solid waste is stored in different types of containers at the source of generation in different areas of the city. Local Authority is responsible for waste collection, transportation. Municipality is responsible for waste collection, using private sector contracts. At present, both mechanical and manual methods are used to collect residential waste. Manual methods of collection are the most commonly used for waste collection in most parts of the city. Land filling is the main disposal method in this city. But it has some obvious problem and deficiencies The current state of solid waste management has been improved slightly in the last decade. By more actions can reduce the human and environmental risks.

Keywords: Disposal, Landfill, management, solid waste.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1967

Authors: Isa Nakhai Kamal Abadi, Esmaeel Saberi, Ehsan Mirjafari

Abstract:

Every organization is continually subject to new damages and threats which can be resulted from their operations or their goal accomplishment. Methods of providing the security of space and applied tools have been widely changed with increasing application and development of information technology (IT). From this viewpoint, information security management systems were evolved to construct and prevent reiterating the experienced methods. In general, the correct response in information security management systems requires correct decision making, which in turn requires the comprehensive effort of managers and everyone involved in each plan or decision making. Obviously, all aspects of work or decision are not defined in all decision making conditions; therefore, the possible or certain risks should be considered when making decisions. This is the subject of risk management and it can influence the decisions. Investigation of different approaches in the field of risk management demonstrates their progress from quantitative to qualitative methods with a process approach.

Keywords: Risk Management, Information Security, Methodology, Probability.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1492

Authors: Sayed Amir Hamzeh Mirkheshti

Abstract:

Offshore wind energy as a strategic renewable energy, has been growing rapidly due to availability, abundance and clean nature of it. On the other hand, budget of this project is incredibly higher in comparison with other renewable energies and it takes more duration. Accordingly, precise estimation of time and cost is needed in order to promote awareness in the developers and society and to convince them to develop this kind of energy despite its difficulties. Occurrence risks during on project would cause its duration and cost constantly changed. Therefore, to develop offshore wind power, it is critical to consider all potential risks which impacted project and to simulate their impact. Hence, knowing about these risks could be useful for the selection of most influencing strategies such as avoidance, transition, and act in order to decrease their probability and impact. This paper presents an evaluation of the feasibility of 500 MV offshore wind project in the Persian Gulf and compares its situation with uncertainty resources and risk. The purpose of this study is to evaluate time and cost of offshore wind project under risk circumstances and uncertain resources by using Monte Carlo simulation. We analyzed each risk and activity along with their distribution function and their effect on the project.

Keywords: Wind energy project; uncertain resources; risks; Monte Carlo simulation.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 746

Authors: Benson Chizubem

Abstract:

Because of the severe hazards that substantially impact workers' lives and assets lost, the oil and gas industry has established a goal of establishing zero occurrences or accidents in operations. Using leading indicators to measure and assess an organization's safety performance is a proactive approach to safety management. Also, it will provide early warning signals to solve inherent safety issues before they lead to an accident in the study industry. The analysis of these indicators' performance was based on a questionnaire-based methodology. A total number of 1000 questionnaires were disseminated to the workers, of which 327 were returned to the researcher team. The data collected were analysed to evaluate their safety perceptions on indicators performance. Data analysis identified safety training, safety system, safety supervision, safety rules and procedures, safety auditing, strategies and policies, management commitment, safety meeting and safety behaviour, as potential leading indicators that are capable of measuring organizational safety performance and as capable of providing early warning signals of weak safety area in an operational environment. The findings of this study have provided safety researchers and industrial safety practitioners with helpful information on the improvement of the existing safety monitoring process in the oil and gas industry, both locally and globally, as proactive actions.

Keywords: Early warning, safety, accident risks, oil and gas industry.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 281

Authors: M. Ghazy, T. Dockhorn, N. Dichtl

Abstract:

The present disposal routes of sewage sludge represent a critical environmental issue in Egypt. Recently, there has been an increasing concern about sewage sludge management due to the environmental risks, which resulted from the fast expansion of wastewater treatment plants without equal attention in dealing with the produced sludge. This paper discusses the current situation of sewage sludge management in Egypt presenting a brief overview of the existing wastewater treatment plants, sludge production and characteristics as well as options of beneficial use and potential demand of sewage sludge under Egyptian conditions. The characteristics of sewage sludge are discussed considering the results of own sampling and analysis as well as previous studies. Furthermore, alternative treatment scenarios for sewage sludge, which have been recently developed in Egypt, are discussed and perspectives for a sustainable agricultural use are outlined.

Keywords: Beneficial use, Egypt, Monetary value, Stabilization processes, Sewage sludge, Sludge management

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 4380

Authors: Faraj El Dabee, Romeo Marian, Yousef Amer

Abstract:

This paper implements the inventory model developed in the first part of this paper in a simplified problem to simultaneously reduce costs and risks in JIT systems. This model is developed to ascertain an optimal ordering strategy for procuring raw materials by using regular multi-external and local backup suppliers to reduce the total cost of the products, and at the same time to reduce the risks arising from this cost reduction within production systems. A comparison between the cost of using the JIT system and using the proposed inventory model shows the superiority of the use of the inventory model.

Keywords: Lean manufacturing, Just-in-Time (JIT), production system, cost-risk reduction, inventory model, eternal supplier, local backup supplier.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1494

Authors: Paul W. Murray, Marco Barajas

Abstract:

Recent changes in supply chains, especially globalization and collaboration, have created new risks for enterprises of all sizes. A variety of complex frameworks, often based on enterprise risk management strategies have been presented under the heading of Supply Chain Risk Management (SCRM). The literature on promotes the benefits of a robust SCRM strategy; however, implementing SCRM is difficult and resource demanding for Large Enterprises (LEs), and essentially out of reach for Small & Medium Enterprises (SMEs). This research debunks the idea that SCRM is necessary for all enterprises and instead proposes a simple and effective Vendor Selection Template (VST). Empirical testing and a survey of supply chain practitioners provide a measure of validation to the VST. The resulting VSTis a valuable contribution because is easy to use, provides practical results, and is sufficiently flexible to be universally applied to SMEs.

Keywords: Multiple Regression Analysis, Supply Chain Management, Risk Assessment, Vendor Selection.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2797

Authors: Isa Nakhai Kamal Abadi, Esmaeel Saberi, Ehsan Mirjafari

Abstract:

While financial institutions have faced difficulties over the years for a multitude of reasons, the major cause of serious banking problems continues to be directly related to lax credit standards for borrowers and counterparties, poor portfolio risk management, or a lack of attention to changes in economic or other circumstances that can lead to a deterioration in the credit standing of a bank's counterparties. Credit risk is most simply defined as the potential that a bank borrower or counterparty will fail to meet its obligations in accordance with agreed terms. The goal of credit risk management is to maximize a bank's risk-adjusted rate of return by maintaining credit risk exposure within acceptable parameters. Banks need to manage the credit risk inherent in the entire portfolio as well as the risk in individual credits or transactions. Banks should also consider the relationships between credit risk and other risks. The effective management of credit risk is a critical component of a comprehensive approach to risk management and essential to the long-term success of any banking organization. In this research we also study the relationship between credit risk indices and borrower-s timely payback in Karafarin bank.

Keywords: Financial Ratios; Spearman Test; Bank OperationsRisk

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1731

Authors: J. Grira, Y. Bédard, S. Roche

Abstract:

The aim of this research is to design a collaborative framework that integrates risk analysis activities into the geospatial database design (GDD) process. Risk analysis is rarely undertaken iteratively as part of the present GDD methods in conformance to requirement engineering (RE) guidelines and risk standards. Accordingly, when risk analysis is performed during the GDD, some foreseeable risks may be overlooked and not reach the output specifications especially when user intentions are not systematically collected. This may lead to ill-defined requirements and ultimately in higher risks of geospatial data misuse. The adopted approach consists of 1) reviewing risk analysis process within the scope of RE and GDD, 2) analyzing the challenges of risk analysis within the context of GDD, and 3) presenting the components of a risk-based collaborative framework that improves the collection of the intended/forbidden usages of the data and helps geo-IT experts to discover implicit requirements and risks.

Keywords: Collaborative risk analysis, intention of use, Geospatial database design, Geospatial data misuse.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1608

Authors: Dchieche Amina, Aboulaich Rajae

Abstract:

Profit and loss sharing suggests an equitable sharing of risks and profits between the parts involved in a financial transaction. Salam is a contract in which advance payment is made for goods to be delivered at a future date. The purpose of this work is to price a new contract for profit and loss sharing based on Salam contract, using Khiyar Al Ghabn which is an agreement of choice in case of misrepresent facts.

Keywords: Islamic finance, Shariah compliance, profit and loss sharing, derivatives, risks, hedging, salam contract.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1855

Authors: M. Farzadkia, S. Jorfi

Abstract:

Hospital waste is a category of waste consisting of infectious and non-infectious waste, which pose environmental and health risks. Therefore, special planning and management is required, due to the potential hazards of them. The lack of valid and comprehensive information regarding the generation and management of hospital waste in Iran is one of the most important problems in this field. This research aimed to evaluate hospital waste management efficiency in Karaj city, Iran. The four greatest hospitals in Karaj city had been selected in this cross-sectional study. Site observations and interviews with employees were implemented. The data was gathered based on the hospital waste management questionnaire which was designed by World Health Organization for developing countries. Collected Data had been analyzed using SPSS software. The average of solid waste which was generated per bed was 2.78 kg, which included 90% of domestic waste and 10% of infectious waste. Based on the quantitative analysis of general and infectious waste in these hospitals, the highest contributors of general waste were consisting of food waste (37.39%), while textile (28.06%) were the highest contributors of the infectious waste. According to the information contained in the questionnaires, the main defects of waste management in these hospitals were; inadequate staff in waste management sector, poorly disinfection of solid waste containers and temporary storage locations, and a lack of proper infectious waste treatment. According to the results of this research, waste management in these hospitals were far from optimum conditions. In order to improve the existing conditions, mentioned problems must be solved quickly, and planning for continuous monitoring in the waste management field in these hospitals should be established.

Keywords: Waste management, hospital wastes, solid wastes, Iran.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2098

Authors: Alan Walsh, Peter Walker

Abstract:

Differences in commercial, professional and personal cultural traditions between western consultants and project sponsors in the Gulf Cooperation Council (GCC) region are potentially significant in the workplace, and this can impact on project outcomes. These cultural differences can, for example, result in conflict amongst senior managers, which can negatively impact the megaproject. New entrants to the GCC often experience ‘culture shock’ as they attempt to integrate into their unfamiliar environments. Megaprojects are unique ventures with individual project characteristics, which need to be considered when managing their associated risks. Megaproject research to date has mostly ignored the significance of the absence of cultural congruence in the GCC, which is surprising considering that there are large volumes of megaprojects in various stages of construction in the GCC. An initial step to dealing with cultural issues is to acknowledge culture as a significant risk factor (SRF). This paper seeks to understand the criticality for western consultants to address these risks. It considers the cultural barriers that exist between GCC sponsors and western consultants and examines the cultural distance between the key actors. Initial findings suggest the presence to a certain extent of ethnocentricity. Other cultural clashes arise out of a lack of appreciation of the customs, practices and traditions of ‘the Other’, such as the need for avoiding public humiliation and the hierarchal significance rankings. The concept and significance of cultural shock as part of the integration process for new arrivals are considered. Culture shock describes the state of anxiety and frustration resulting from the immersion in a culture distinctly different from one's own. There are potentially substantial project risks associated with underestimating the process of cultural integration. This paper examines two distinct but intertwined issues: the societal and professional culture differences associated with expatriate assignments. A case study examines the cultural congruences between GCC sponsors and American, British and German consultants, over a ten-year cycle. This provides indicators as to which nationalities encountered the most profound cultural issues and the nature of these. GCC megaprojects are typically intensive fast track demanding ventures, where consultant turnover is high. The study finds that building trust-filled relationships is key to successful project team integration and therefore, to successful megaproject execution. Findings indicate that both professional and social inclusion processes have steep learning curves. Traditional risk management practice is to approach any uncertainty in a structured way to mitigate the potential impact on project outcomes. This research highlights cultural risk as a significant factor in the management of GCC megaprojects. These risks arising from high staff turnover typically include loss of project knowledge, delays to the project, cost and disruption in replacing staff. This paper calls for cultural risk to be recognised as an SRF, as the first step to developing risk management strategies, and to reduce staff turnover for western consultants in GCC megaprojects.

Keywords: Western consultants in megaprojects, national culture impacts on GCC Megaprojects, significant risk factors in megaprojects, professional culture in megaprojects.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 598

Authors: S. Mahalakshmi, B. Senthil Arasu

Abstract:

As per the recent changes happening in the global policies, climate related changes and the impact it causes across every sector are viewed as green swan events – in essence, climate related changes can happen often and lead to risk and lot of uncertainty, but need to be mitigated instead of considering them as black swan events. This brings about a question on how this risk can be computed, so that the financial institutions can plan to mitigate it. Climate related changes impact all risk types – credit risk, market risk, operational risk, liquidity risk, reputational risk and others. And the models required to compute this have to consider the different industrial needs of the counterparty, as well as the factors that are contributing to this – be it in the form of different risk drivers, or the different transmission channels or the different approaches and the granular form of data availability. This brings out to the suggestion that the climate related changes, though it affects Pillar I risks, will be a Pillar II risk. This has to be modeled specifically based on the financial institution’s actual exposure to different industries, instead of generalizing the risk charge. And this will have to be considered as the additional capital to be met by the financial institution in addition to their Pillar I risks, as well as the existing Pillar II risks. In this paper, we present a risk assessment framework to model and assess climate change risks - for both credit and market risks. This framework helps in assessing the different scenarios, and how the different transition risks affect the risk associated with the different parties. This research paper delves on the topic of increase in concentration of greenhouse gases, that in turn causing global warming. It then considers the various scenarios of having the different risk drivers impacting credit and market risk of an institution, by understanding the transmission channels, and also considering the transition risk. The paper then focuses on the industry that’s fast seeing a disruption: automobile industry. The paper uses the framework to show how the climate changes and the change to the relevant policies have impacted the entire financial institution. Appropriate statistical models for forecasting, anomaly detection and scenario modeling are built to demonstrate how the framework can be used by the relevant agencies to understand their financial risks. The paper also focuses on the climate risk calculation for the Pillar II capital calculations, and how it will make sense for the bank to maintain this in addition to their regular Pillar I and Pillar II capital.

Keywords: Capital calculation, climate risk, credit risk, pillar II risk, scenario modeling.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 368

Authors: Mária Hudáková, Mária Lusková

Abstract:

This report is focused on widening the theoretical knowledge as well as controlling practical application from the risk management point of view, regarding to dynamic business changes that have occurred in Slovakia which recently has been considered to be an environment full of risk and uncertainty. The idea of the report is the proposal of the controlling operation model in the course of risk management process in an enterprise operating in Slovakia, by which the controller is able to identify early risk factors in suggested major areas of the business management upon appropriate business information integration, consecutive control and prognoses and to prepare in time full-value documents in order to suggest measures for reduction thereof. Dealing with risk factors, that can quickly limit the growth potential of the enterprise, is an essential part of managerial activities on each level. This is the reason why mutual unofficial, ergo collegial cooperation of individual departments is necessary for controlling application from the business risk management point of view. An important part of the report is elaborated survey of the most important risk factors existing in major management areas of enterprises operating in Slovakia. The outcome of the performed survey is a catalogue of the most important enterprise risk factors. The catalogue serves for better understanding risk factors affecting the Slovak enterprises, their importance and evaluation.

Keywords: Controlling, information system, risks management, risk factor, crisis of enterprise.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 857

Authors: Pema Choejey, David Murray, Chun Che Fung

Abstract:

Bhutan is becoming increasingly dependent on Information and Communications Technologies (ICTs), especially the Internet for performing the daily activities of governments, businesses, and individuals. Consequently, information systems and networks are becoming more exposed and vulnerable to cybersecurity threats. This paper highlights the findings of the survey study carried out to understand the perceptions of cybersecurity implementation among government organizations in Bhutan. About 280 ICT personnel were surveyed about the effectiveness of cybersecurity implementation in their organizations. A questionnaire based on a 5 point Likert scale was used to assess the perceptions of respondents. The questions were asked on cybersecurity practices such as cybersecurity policies, awareness and training, and risk management. The survey results show that less than 50% of respondents believe that the cybersecurity implementation is effective: cybersecurity policy (40%), risk management (23%), training and awareness (28%), system development life cycle (34%); incident management (26%), and communications and operational management (40%). The findings suggest that many of the cybersecurity practices are inadequately implemented and therefore, there exist a gap in achieving a required cybersecurity posture. This study recommends government organizations to establish a comprehensive cybersecurity program with emphasis on cybersecurity policy, risk management, and awareness and training. In addition, the research study has practical implications to both government and private organizations for implementing and managing cybersecurity.

Keywords: Awareness and training, cybersecurity, cybersecurity policy, risk management, security risks.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1503

Authors: Jefferson Camacho Mejía, Jenny Paola Forero Pachón, Luis Carlos Gómez Flórez

Abstract:

Action research is a qualitative research methodology, which leads the researcher to delve into the problems of a community in order to understand its needs in depth and finally, to propose actions that lead to a change of social paradigm. Although this methodology had its beginnings in the human sciences, it has attracted increasing interest and acceptance in the field of information systems research since the 1990s. The countless possibilities offered nowadays by the use of Information Technologies (IT) in the development of different socio-economic activities have meant a change of social paradigm and the emergence of the so-called information and knowledge society. According to this, governments, large corporations, small entrepreneurs and in general, organizations of all kinds are using IT to virtualize their processes, taking them from the physical environment to the digital environment. However, there is a potential risk for organizations related with exposing valuable information without an appropriate framework for protecting it. This paper shows progress in the development of a methodological design to manage the information security risks associated with the IT-based processes virtualization, by applying the principles of the action research methodology and it is the result of a systematic review of the scientific literature. This design consists of seven fundamental stages. These are distributed in the three stages described in the action research methodology: 1) Observe, 2) Analyze and 3) Take actions. Finally, this paper aims to offer an alternative tool to traditional information security management methodologies with a view to being applied specifically in the planning stage of IT-based process virtualization in order to foresee risks and to establish security controls before formulating IT solutions in any type of organization.

Keywords: Action research, information security, information technology, methodological design, process virtualization, risk management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 904

Authors: R. Berglund, T. Backström, M. Bellgran

Abstract:

This study explores how management addresses psychosocial risks in seven teams of engineers and technicians in the midst of the fourth industrial revolution. The sample is from an ongoing quasi-experiment about psychosocial risk management in a manufacturing company in Sweden. Each of the seven teams belongs to one of two clusters: a positive cluster or a negative cluster. The positive cluster reports a significantly positive change in psychosocial risk levels between two time-points and the negative cluster reports a significantly negative change. The data are collected using semi-structured interviews. The results of the computer aided thematic analysis show that there are more differences than similarities when comparing the risk treatment actions taken between the two clusters. Findings show that the managers in the positive cluster use more enabling actions that foster and support formal and informal relationship building. In contrast, managers that use less enabling actions hinder the development of positive group processes and contribute negative changes in psychosocial risk levels. This exploratory study sheds some light on how management can influence significant positive and negative changes in psychosocial risk levels during a risk management process.

Keywords: Group process model, risk treatment, risk management, psychosocial.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 956

Authors: Guanqun Shi, Xueqing Zhang

Abstract:

The frequent occurrence of failures in PPP projects which caused great loss has raised attention from the government as well as the concessionaire. PPPs are complex arrangements for its long operation period and multiple players. Many types of risks in PPP projects may cause the project fail. The insurance is an important tool to transfer the risks. Through a comparison and analysis of international government PPP guidelines and contracts as well as the case studies worldwide, we have identified eight main insurance principles, discussed thirteen insurance types in different stages. An overall procedure would be established to improve the practices in PPP projects.

Keywords: Public-private partnerships, insurance, contract, risk.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 804

Authors: E. Cenderelli, E. Bruno, G. Iacoviello, A. Lazzini

Abstract:

The financial sector is exposed to the risk of cyber-attacks like any other industrial sector. Furthermore, the topic of CybeRisk (cyber risk) has become particularly relevant given that Information Technology (IT) attacks have increased drastically in recent years, and cannot be stopped by single organizations requiring a response at international and national level. IT risk is never a matter purely for the IT manager, although he clearly plays a key role. A bank's risk management function requires a thorough understanding of the evolving risks as well as the tools and practical techniques available to address them. Upon the request of European and national legislation regarding CybeRisk in the financial system, banks are therefore called upon to strengthen the operational model for CybeRisk management. This will require an important change with a more intense collaboration with the structures that deal with information security for the development of an ad hoc system for the evaluation and control of this type of risk. The aim of the work is to propose a framework for the management and control of CybeRisk that will bridge the gap in the literature regarding the understanding and consideration of CybeRisk as an integral part of business management. The IT function has a strong relevance in the management of CybeRisk, which is perceived mainly as operational risk, but with a positive tendency on the part of risk management to the identification of CybeRisk assessment methods that are increasingly complete, quantitative and able to better describe the possible impacts on the business. The paper provides answers to the research questions: Is it possible to define a CybeRisk governance structure able to support the comparison between risk and security? How can the relationships between IT assets be integrated into a cyberisk assessment framework to guarantee a system of protection and risks control? From a methodological point of view, this research uses a case study approach. The choice of “Monte dei Paschi di Siena” was determined by the specific features of one of Italy’s biggest lenders. It is chosen to use an intensive research strategy: an in-depth study of reality. The case study methodology is an empirical approach to explore a complex and current phenomenon that develops over time. The use of cases has also the advantage of allowing the deepening of aspects concerning the "how" and "why" of contemporary events, on which the scholar has little control. The research bases on quantitative data and qualitative information obtained through semi-structured interviews of an open-ended nature and questionnaires to directors, members of the audit committee, risk, IT and compliance managers, and those responsible for internal audit function and anti-money laundering. The added value of the paper can be seen in the development of a framework based on a mapping of IT assets from which it is possible to identify their relationships for purposes of a more effective management and control of cyber risk.

Keywords: Bank, CybeRisk, information technology, risk management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1357

Authors: Feng-Chuan Pan, Fang-Yue Liu

Abstract:

Hospitals in southern Hualien teamed with the Hypertension Joint Care Network. Working with the network, the team provided a special designed health education to the individual who had been identified as a hypertension patient in the outpatient department. Some metabolism improvements achieved. This is a retrospective study by purposively taking 106 patients from a hospital between 2008 and 2010. Records of before and after education intervention of the objects was collected and analyzed to see the how the intervention affected the patients- hypertension control via clinical parameter monitoring. The results showed that the clinical indicators, the LDL-C, the cholesterol and the systolic blood pressure were significantly improved. The study provides evidence for the effectiveness of the network in controlling hypertension.

Keywords: hypertension, joint care management network, cardiovascular diseases, metabolic syndrome.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1671

Authors: N. Borjalilu, P. Rabiei, A. Enjoo

Abstract:

Flight Data Monitoring (FDM) program assists an operator in aviation industries to identify, quantify, assess and address operational safety risks, in order to improve safety of flight operations. FDM is a powerful tool for an aircraft operator integrated into the operator’s Safety Management System (SMS), allowing to detect, confirm, and assess safety issues and to check the effectiveness of corrective actions, associated with human errors. This article proposes a model for safety risk assessment level of flight data in a different aspect of event focus based on fuzzy set values. It permits to evaluate the operational safety level from the point of view of flight activities. The main advantages of this method are proposed qualitative safety analysis of flight data. This research applies the opinions of the aviation experts through a number of questionnaires Related to flight data in four categories of occurrence that can take place during an accident or an incident such as: Runway Excursions (RE), Controlled Flight Into Terrain (CFIT), Mid-Air Collision (MAC), Loss of Control in Flight (LOC-I). By weighting each one (by F-TOPSIS) and applying it to the number of risks of the event, the safety risk of each related events can be obtained.

Keywords: F-TOPSIS, fuzzy set, FDM, flight safety.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 841

Authors: Maithem Al-Saadi, Min An

Abstract:

During airport planning and design stages, the major issues of capacity and safety in construction and operation of an airport need to be taken into consideration. The airside of an airport is a major and critical infrastructure that usually consists of runway(s), taxiway system, and apron(s) etc., which have to be designed according to the international standards and recommendations, and local limitations to accommodate the forecasted demands. However, in many cases, airport airsides are suffering from unexpected risks that occurred during airport operations. Therefore, safety risk assessment should be applied in the planning and design of airsides to cope with the probability of risks and their consequences, and to make decisions to reduce the risks to as low as reasonably practicable (ALARP) based on safety risk assessment. This paper presents a combination approach of Failure Modes, Effect, and Criticality Analysis (FMECA), Fuzzy Reasoning Approach (FRA), and Fuzzy Analytic Hierarchy Process (FAHP) to develop a risk analysis model for safety risk assessment. An illustrated example is used to the demonstrate risk assessment process on how the design of an airside in an airport can be analysed by using the proposed safety design risk assessment model.

Keywords: Airport airside planning and design, design for safety, fuzzy reasoning approach, fuzzy AHP, risk assessment.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2105

Authors: Dinna N. M. N., Leau Y. B., Habeeb S. A. H., Yanti A. S.

Abstract:

Phishing scheme is a new emerged security issue of E-Commerce Crime in globalization. In this paper, the legal scaffold of Malaysia, United States and United Kingdom are analyzed and followed by discussion on critical issues that rose due to phishing activities. The result revealed that inadequacy of current legal framework is the main challenge to govern this epidemic. However, lack of awareness among consumers, crisis on merchant-s responsibility and lack of intrusion reports and incentive arrangement contributes to phishing proliferating. Prevention is always better than curb. By the end of this paper, some best practices for consumers and corporations are suggested.

Keywords: Phishing, Online Fraud, Business risks, Consumers privacy, Legal Issue, Cyber law.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2207