Risk is a quantitative evaluation of the potential damage caused by an attack, a vulnerability, or an event impacting the set of company IT assets. A vulnerability (or weakness) is a lack of a safeguard, which may be exploited by a threat, causing harm to the information systems; specifically it can be a software flaw that permits an exogenous agent to use a computer system without authorizat…
During the month of July 2007, unrelenting rains dumped over 120 millimetres of rain over a period of five days on the City of Cape Town, leading to flooding that impacted 8 000 households (38 000 residents) located primarily in the informal settlements outside of the City, such as the Bongani TR Section of Khayelitsha (Figure 1) and Phola Park Philippi. Such flooding is increasingly common an…
Topic Gateways are intended as a refresher or introduction to topics of interest to CIMA members. They include a basic definition, a brief overview and a fuller explanation of practical application. Finally they signpost some further resources for detailed understanding and research. Topic Gateways are available electronically to CIMA Members only in the CPD Centre on the CIMA website, along w…
Disasters can hamper economic growth, affect poverty levels and cause human suffering. Without significant action, the extent and impact of economic and social damage associated with disasters will get worse over the next 20 years, largely as a result of growing exposure of people and assets. This has the potential to reverse development progress in hard-hit areas. Including measures to pro…
The implementation of ERP systems has been problematic for many organizations. Given the many reports of substantial failures, the implementation of packaged ERP software and associated changes in business processes has proved not to be an easy task. As many organizations have discovered, the implementation of ERP systems can be a monumental disaster unless the process is handled carefully.…
The objectives of the present study are to better understand the mechanisms of major accidents in the present dynamic and technological society. From this understanding, guides to improved strategies for industrial risk management are sought. It is important to consider carefully the present changes in a modern society when planning for industrial risk management. We are facing a period o…
In the past, the world’s ecosystems were able to absorb the ecological damage resulting from extensive industrialization and development. However, the rapid increases in human population, as well as in technological and economic expansion has put increasingly greater demands on the Earth’s natural resources, such as fresh water supplies, which in turn has made it more diffi cult to sust…
Information Assurance (IA) is the confidence that information assets will protect the information they handle and will function as they need to, when they need to, under the control of legitimate users.
The purpose of this paper is to “seed” the discussion by the Research Committee of the Canadian Council of Professional Engineers (CCPE) on the topic of risk management. The paper is in part a research paper and in its entirety a position paper. As can be inferred from the title, the authors hold the firm opinion that risk management is an area of knowledge with which all engineers should h…
OAL ISP facilitators must conduct a risk assessment and hazard analysis for all portions of the OAL ISP using appropriate forms and lines of communication. • This risk assessment identifies hazards and associated inherent risks and measures for managing staff and participant exposure to these risks. • Risk assessment occurs 1) prior to the program using various resources such as guidebook…
Risk management has come a long way from its origins in engineering and health and safety. It is now used on a wide range of applications across a range of commercial, industrial and other forms of enterprise. More and more organisations are establishing and developing risk management facilities, both as an internal initiative and in response to statutory and regulatory external pressures. A…
The purpose of this thesis is to provide an academic contribution to the subject Enterprise Risk Management. This is done by carrying out a study concerning today’s use of ERM in larger Danish companies and identification of structures that influence the choice of developing an ERM process in the company. The underlying assumption of the thesis is that such structures exist, and the objec…
Risk management information systems are designed to overcome the problem of aggregating data across diverse trading units. The design of an information system depends on the risk measurement methodology that a firm chooses. Inherent in the design of both a risk management information system and a risk measurement methodology is a tradeoff between the accuracy of the resulting measures of ri…
The purpose of risk management training is to raise basic awareness of risk management concepts and mechanisms, to enable participants to identify and manage risks in their own units and to strengthen project management through adequate forward planning of potential risks. The half-day training module on risk management introduces the defi nition of risk and the purpose of risk management …
Here are the highlights of the attached White Paper on risk management as relates to condominium projects: There has been incredible growth in the housing market nationwide. Construction defect litigation has exploded in several states, drawing aggressive plaintiff law firms to what has become a “cottage industry” of filing suits on behalf of condominium owners and Homeowner Associat…