final irm ppt
TRANSCRIPT
-
8/2/2019 Final Irm Ppt
1/32
Prepared By :
Amit Gupta
Bharti Gupta
Vaibhav Purang
-
8/2/2019 Final Irm Ppt
2/32
Detriment, disadvantage, or deprivation fromfailure to keep, have, or get: to bear the loss
of a robbery The state of being deprived of or of being
without something that one has had.
-
8/2/2019 Final Irm Ppt
3/32
Loss is caused by the operation of perils causes for the losses
Perils- such as fire, explosion etc
Human factors- such as negligence,carelessness, inadequate training,inadequate supervision etc.
Inadequate maintenance
Failure of Plant/ machinery due tobreakdowns
Natural perils such as flood, cyclone,earthquake, landslide etc
-
8/2/2019 Final Irm Ppt
4/32
The loss potential ( extent of loss) dependson HAZARD
conditions which are favourable for theincident to assume large proportions
More the potential severe will be the extent ofloss
PERIL ( CAUSE)----------------LOSS(EFFECT)(Fire) HAZARD
(Crackers)
-
8/2/2019 Final Irm Ppt
5/32
Property losses
Losses to human resources
Liability losses Loss from external economic forces
-
8/2/2019 Final Irm Ppt
6/32
Drop in Family Earnings
Medical Expenses
Personal Liability
-
8/2/2019 Final Irm Ppt
7/32
Risks are internal & external events (economicconditions, staffing changes, new systems,regulatory changes, natural disasters, etc.)
that threaten the accomplishment of objectives.
Risk assessment is the process of identifying,evaluating, and deciding how to manage theseevents
What is the likelihood of the event occurring? What would be the impact if it were to occur?
What can we do to prevent or reduce the risk?
7
-
8/2/2019 Final Irm Ppt
8/32
Determine where the risk of loss lie for thecompany
Discover every possible risk factor that may
be associate with Own activities of the organisation
Political, social, legal and physical environmentin which it operates
-
8/2/2019 Final Irm Ppt
9/32
Loss/Risk
Identification
Risk PerceptionExposure
Analysis/Identificationof Peril
-
8/2/2019 Final Irm Ppt
10/32
No single method can reveal all the losses
Select the most promising method within the
budget constraints Risk identification must be an ongoing process
-
8/2/2019 Final Irm Ppt
11/32
Reveals various facts about:
Nature and extent of the organisationactivities
Inter-dependencies between various parts ofthe organisation
Breakdown of organisation into cost centresto take risk financing decisions
People participating in risk handling decisions
Any organisational weaknesses
-
8/2/2019 Final Irm Ppt
12/32
Data required for valuation of assets
Data for quantifying inter-dependencies
Details of financial arrangement Past costs of losses
-
8/2/2019 Final Irm Ppt
13/32
Other Records
After sales servicing records pointing dangerousdefects in products.
Flow Charts
Pinpoint potential bottlenecks Reveal vulnerability of the business to risk
-
8/2/2019 Final Irm Ppt
14/32
Developed by economists for tracing the flowof good and services through economy and toidentify:
Contribution of an organisation to totalearnings
Exposure of an organisation to risks ofdisruption of its business
-
8/2/2019 Final Irm Ppt
15/32
Check Lists
Peril or hazard is considered in relationship to
the business operations
Threat Analysis
Compile list of threats to the business
-
8/2/2019 Final Irm Ppt
16/32
Hazard and Operability Study
Examine the whole process to identify potentialdeviations, their causes & possible consequences
Fault Tree Analysis
Examine causal relationship between the failureof some sub-system
Assist in calculating the probability of the lossproducing event
-
8/2/2019 Final Irm Ppt
17/32
Five Steps include:1. Assign Values to Assets:2. Determine Loss due to Threats & Vulnerabilities
Confidentiality, Integrity, Availability
3. Estimate Likelihood of Exploitation Weekly, monthly, 1 year, 10 years?
4. Compute Expected Loss Loss = Downtime + Recovery + Liability + Replacement Risk Exposure = ProbabilityOfVulnerability * $Loss
5. Treat Risk Survey & Select New Controls Reduce, Transfer, Avoid or Accept Risk
-
8/2/2019 Final Irm Ppt
18/32
Identify & Determine Value of Assets Assets include:
IT-Related: Information/data, hardware, software,services, documents, personnel
Other: Buildings, inventory, cash, reputation, sales
opportunities What is the value of this asset to the company? How much of our income can we attribute to this
asset? How much would it cost to recover this? How much liability would we be subject to if the
asset were compromised?
-
8/2/2019 Final Irm Ppt
19/32
Sales
Product A
Product B
Product C
Risk: Replacement Cost=Cost of loss of integrity=Cost of loss of availability=Cost of loss of confidentiality=
Risk: Replacement Cost=Cost of loss of integrity=Cost of loss of availability=
Cost of loss of confidentiality=
Risk: Replacement Cost=
Cost of loss of integrity=Cost of loss of availability=Cost of loss of confidentiality=
Tangible $ Intangible: High/Med/Low
Costs
-
8/2/2019 Final Irm Ppt
20/32
Natural: Flood, fire, cyclones,rain/hail/snow, plagues andearthquakes
Unintentional: Fire, water,building damage/collapse, lossof utility services, andequipment failure
Intentional: Fire, water, theft
Intentional, non-physical:
Fraud, hacking, identity theft,malicious code, socialengineering, phishing, denialof service
-
8/2/2019 Final Irm Ppt
21/32
SystemVulnerabilities
Behavioral:Disgruntled employee,
uncontrolled processes,poor network design,improperly configured
equipment
Misinterpretation:Poorly-defined
procedures,employee error,Insufficient staff,
Inadequate mgmt,Inadequate compliance
enforcement
CodingProblems:
Security ignorance,poorly-definedrequirements,
defective software,unprotected
communication
PhysicalVulnerabilities:
Fire, flood,negligence, theft,kicked terminals,no redundancy
-
8/2/2019 Final Irm Ppt
22/32
Best sources:Past experienceSpecialists and expert adviceMarket research & analysisExperiments & prototypesIf no good numbers emerge, estimates can
be used, if management is notified ofguesswork
-
8/2/2019 Final Irm Ppt
23/32
Qualitative: Prioritizes risks so that highestrisks can be addressed first
Based on judgment, intuition, and
experienceMay factor in reputation, goodwill,
nontangibles
Quantitative: Measures approximate costof impact in financial terms
Semiquantitative: Combination ofQualitative & Quantitative techniques
-
8/2/2019 Final Irm Ppt
24/32
-
8/2/2019 Final Irm Ppt
25/32
Loss Control refers to efforts that reduce
expected losses. For e.g. Air Bags in Cars.
It usually involves investment of resources(Funds, Efforts or Time)
Considerations for optimal level of loss
control:
BENEFITS i.e. lower expected losses
COSTS i.e. loss control activities
-
8/2/2019 Final Irm Ppt
26/32
Loss Prevention
Loss Avoidance
Loss Reduction
-
8/2/2019 Final Irm Ppt
27/32
Carrying out of numerous activities that
minimize expected losses by reducing the
frequency of losses (loss prevention).
For e.g.
Family building a fence around their yard to
protect their child, OR
Manufacturing of safer products by
businesses.
-
8/2/2019 Final Irm Ppt
28/32
Completely avoiding the activity that
potentially gives rise to the loss.
It leads to the sacrifice of benefits from theactivity that gave rise to the potential loss.
For e.g. in 1980s, many small airplanemanufacturers went out of business to
avoid law suits.
-
8/2/2019 Final Irm Ppt
29/32
It can be done in two ways:
Pre-Loss Activities , which decrease the
magnitude of a loss if one occurs. For e.g.
investment in Fire Extinguishers reduces
magnitude of loss by fire, but it cant prevent it.
Post-Loss Activities, which occur subsequent toan event that causes a loss. For e.g. placing
plywood over windows that were broken in a
storm can reduce subsequent water damage
and theft losses.
-
8/2/2019 Final Irm Ppt
30/32
CATASTROPHE PLANNING
A type of Pre-Loss reduction activity to reducethe magnitude of losses, both
Natural- Hurricanes, Earthquakes, Tsunamis etc
Man MadeNuclear Accidents, Chemical Spillsetc
Local, State and Federal Governments, as well asmany Organizations have detailed plans ofevacuation, medical treatment, power restorationand cleanup.
-
8/2/2019 Final Irm Ppt
31/32
In situations where premiums accurately
reflect loss control activities, insurance
coverage can reduce moral hazards.
For e.g. a restaurant will have greater
incentive to install flooring material that
reduces slips and falls, if its insurance
premiums are reduced following installation
of new flooring.
-
8/2/2019 Final Irm Ppt
32/32
THANK YOU