Made by : Dimas Arya Denta
Definition
Risk assessment is method for estimate
the effect and in order to prepare any effect of the risk. Risk have a big
effect for our activity especially in systems. If just one component made a
mistake, it can affect all of component. In here, we talk about reducing the
risk and how to handle the effect of the risk itself. There are several steps
that we must do before we analyse that are analyse the level of risk,
consideration of hazard level, and evaluate whether the source of hazard can be
controlled.
Focus
Assessment can be focused on certain areas
both the risk level is unknown and the risk level is high. Defining scope and
limitations can help save costs. How to
determine limitations, scope, and methodology will have major consequences in
the total amount of effort spent on risk management and the type and usefulness
of the results of the assessment. Limits and scope must be chosen in a way that
will provide clear, specific, and useful results for the system and the
environment. Risk has many different components, including assets, threats,
vulnerabilities, protection, consequences, and possibilities. Examination
includes collecting data about threatened areas and synthesizing and analyzing
information to be useful. To avoid the possibility of gathering a lot of
information but only a few can be analyzed, steps need to be taken to limit the
collection of information by screening. An attempt at risk management must
focus on areas that produce the greatest consequences for the organization such
as causing large losses. This can be done by threats and assets. A risk
management methodology does not always need to analyze the risk components
separately. For example, assets and consequences or threats and likelihoods can
be analyzed together.
Function
Risk assessment is
used to support two related functions, namely risk acceptance and economical
cost control. To achieve these functions, risk assessment must produce
meaningful output, which reflects what really matters to the organization.
Limiting the most significant risk interpretation activities to risk is another
way in the risk management process that is focused on reducing overall efforts
while still producing useful results. If the risk is interpreted consistently
throughout the organization, the results can be used to prioritize systems that
must be secured.