Saturday, June 15, 2019
Risk Management (Firms and organisations within the healthcare sector) Essay
Risk Management (Firms and organisations within the healthc be sector) - Essay ExampleUpon questioning our Chief Information Officer regarding pretend assessment and management in our organization, I was informed that we had a very well-developed system in place, one whose efficiency and effectiveness were an outcome of trial and error.At the end of the 20th century, we have witnessed the massive transition from isolated, disconnected computers to networked computer clusters all over the world. At present time, there are an estimated 250 million networked hosts world-wide (Telcordia, 2002). This world(a) pervasive connectivity has been a boon for consumers, businesses and governments alike due to the ease, convenience and speed of electronic data exchange. However, the ease of use and relative anonymity that the Internet affords has been leveraged by criminal elements, as well. Indeed, no private, commercial or government agency is completely safe or has been unaffected by the proli feration of this kind of cyber-crime. E-Commerce Times describe that the ILOVEYOUvirus affected 45 million hosts and inflicted monetary hurts to the tune of estimated $2.6 billion (Enos, 2000). The infamous Melissa macro virus caused an estimated $300 million in damage in 1999 and several prominent e-commerce sites were hit by Distributed Denial of Service attacks in the beginning of 2000 (Committee on Science, 2000). The estimated worldwide damage caused by automated digital attacks over $30 billion for 2002 (Economic Damage, 2002). These estimated damage figures have to be taken with a grain of salt, but the trend is clear. Moreover, in just a xii years time, the propagation speed, as well as the estimated damages has increased by five, and two orders of magnitude, respectively.The healthcare organization in question has been affected by some(prenominal) viruses and DoS attacks. As the Chief Information Officer noted, each virus or DoS incident proved extremely costly, whether calculated in ground of financial loss or the cost of resolving the problem. Therefore, to prevent, or limit, the possibility of future attacks, the organization has adopted a rather comprehensive information protection framework. Key components of this framework, according to the CIO, are essay assessment and risk management. 3Risk AssessmentRisk is commonly defined as the product of luck and severity of adverse effects, and the most common approach to quantify risk is a single figure - its expected value Hai98, p. 29. Mathematically speaking, given a random variable with probability function and loss function , the expected risk value in the discrete case is equal to . It is apparent that these are generic probability weighed averaging formulas. As further explained by the CIO, its semantic specialization into an expected value of risk occurs through the loss function. The unit of the expected risk value is the unit used by the loss function and could be downtime, cost, credib ility, etc.As a preliminary example, the simplified risk of attack consequences on a host that is running one application is shown in the table belowHypothetical Risk Confronted by the Healthcare
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.