1 / 13

Introduction

Introduction. Over 25 years of risk management experience. Includes property/casualty insurance 10+ years Information security 15+ years Currently working as a contractor for the Department of Energy, National Nuclear Security Administration

ulfah
Download Presentation

Introduction

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Introduction • Over 25 years of risk management experience. • Includes property/casualty insurance 10+ years • Information security 15+ years • Currently working as a contractor for the Department of Energy, National Nuclear Security Administration • Have worked in life, property and health insurance industries (Liberty Mutual, CNA, Hartford, Equitable of Iowa, Empire Blue Cross/Blue Shield) trucking (System 99), manufacturing (Boeing), software (Microsoft), entertainment (Disney), telecommunications (AT&T Wireless)

  2. Risk Management …it’s not for the timid

  3. Risk Management • You make risk decisions every day • The speed limit is 45– should I drive faster • Will I get caught? • Do I have enough money to pay a ticket? • Will my insurance go up? • If I get caught will I be late for work? • OR • I like to drive fast – will I have an accident? • OR • I want to drive fast – because I want to look cool • Will I look stupid? • Will I goof it up?

  4. Risk Management • Is a series of questions and answers that support a state of being or goal. • State of being – profit • Goal – Not to get a ticket, have an accident or look stupid • The most important step in risk management is the goal or state of being – What are you willing to risk?

  5. Risk Management As an example: If you are a property insurer your goal or state of being needs to be decided by management and understood by your employees. • If the goal is not to have a property loss your questions/decisions will be very different from a goal of preventing a fire at a property • If you are preventing fires you will ask questions that pertain to fires • If you are preventing loss to a property you will ask questions that pertain to fire, flood, hurricanes, tornadoes, earthquakes, financial stability…….

  6. Risk Management The next step is to think of all the things/situations that could threaten your goal • Threats • What could threaten a person’s financial stability?

  7. Risk Management After listing all the possible threats, the next set of questions have to do with how vulnerable the person or asset would be to having the threat become real • Vulnerabilities We are all vulnerable to the threat of earthquakes

  8. Risk Management But how likely is it that an earthquake will cause us harm in Las Vegas? • According to United States Geological Survey earthquake history map shown on the previous slide, Las Vegas is between 18 and 20% likely to HAVE an earthquake. But how likely is it that the earthquake will cause harm to persons and property? • Likelihood considers both if/when a threat will happen and if/when it happens, will there be damage and about how much?

  9. Risk Management Next consideration is; are there are any protections in place to eliminate or lessen the damage that would result from a threat and vulnerability? • Mitigations • In the case of a fire threat to a two-story residential house • The fire station is on the next block, there is a fire hydrant in front of the house, the house has a pool, the homeowner has adequate insurance, the house’s electrical system has been upgraded and inspected within the last 5 years…

  10. Risk Management Next we look at how a loss, the vulnerability to a threat has been realized, impacts the goal or state of being. • Impact • If I got sick, how would that impact my financial stability? • Questions to ask: Do I have health insurance? Will the insurance cover a long-term treatment? How long can I be sick before an impact is felt? Do I have sick leave? How long can I be out of work on sick leave before an impact is felt?

  11. Risk Management The last consideration is one seldom mentioned but it deserves to be included as a factor – • How confident are you in the answers to your questions? • It is difficult indeed to be 100% sure that our input data is accurate. • If there is not much corroboration or history to back up the answers and you feel the reliability of the source is in question, then your confidence level should be a factor in managing what you are willing to risk.

  12. Risk Management There will always be a risk. How much risk are you comfortable with? All the questions, answers, and factors help you arrive at a number or level of resultant risk. • Residual Risk • If the level of residual risk is still too high for comfort, consideration of possibly further mitigating, maybe sharing the risk (insurance) or eliminating the threat or vulnerability (move to where there are no earthquakes, repair software vulnerabilities)

  13. Risk Management Conclusion Questions? Hand out

More Related