Wait a second!
More handpicked essays just for you.
Short note on risk assessment
Short note on risk assessment
Don’t take our word for it - see why 10 million students trust us with their essay needs.
Overview of Three Risk Analyses: MSRAM, OCTAVE, and CRAMM
1892 Words4 Pages
Recommended: Short note on risk assessment
Introduction This paper discusses three risk analysis methodologies, specifically, MSRAM, OCTAVE, and CRAMM and provides a detailed description of each and how they incorporate risk into a platform for decision makers to use in their endeavors to prevent, protect, mitigate, respond, and in recovery measures as part of the risk assessment and management processes. MSRAM The MSRAM method was established through the U.S. Coast Guard to deliver a uniform and all-inclusive approach for gauging risks and allocating resources throughout all areas of responsibility of the U.S. Coast Guard. It replaced the Port Security Risk Tool and offers a comprehensive, risk-based approach to assessing the nation’s port’s and waterways (Edmonson 2006, 18). MSRAM defines risks as the product of “Threat, Vulnerability and Consequence, R = TVC” (Edmonson 2006, 18). It includes software-guided input tools for estimating each element of risk: T, V and C. Although the Coast Guard reports their risk using a Risk Index Number (RIN), that number can be directly associated with a dollar cost of consequences. The MSRAM method uses a computer program single tool, a lone set of definitions and a team of trained risk analysts. Furthermore, all data from their analyses are rolled up to a single national database and checked for consistency and reasonableness at four levels of review: 1) the Captain of the Port, 2) the District, 3) Areas, 4) and Headquarters. Additionally, historical data for consequences, for a range of asset classes, are used to create reasonable ranges for user input. This level of quality control is unprecedented in a risk tool and offers a best practice for other risk analysts. At the moment, MSRAM is the only instrument used on a nationwid... ... middle of paper ... ...ion process. Conclusion While there are many forms and methods to assess risk, the above approaches provide alternative options to the decision makers that may or may not be specific to their needs. References Edmonson, R. G. 2006. "PSRAT to MSRAM." Journal Of Commerce (15307557) 7, no. 44: 18. Business Source Complete, EBSCOhost (accessed December 18, 2013). Kouns, Jake and Daniel Minoli. 2010. Information Technology Risk Management in Enterprise Environments: A Review of Industry Practices and a Practical Guide to Risk Management Teams. John Wiley & Sons. (Kouns and Minoli 2010) Blokdijk, Gerard and Ivanka Menken. 2008. Information Security Management Best Practice Workbook: Implementation and Management Roadmap for Threats, Challenges and Solutions - Ready to Use Supporting Documents Bringing Theory Into Practice. Lulu. (Blokdijk and Menken 2008)