×

System and method for risk detection reporting and infrastructure

  • US 10,068,193 B2
  • Filed: 11/02/2015
  • Issued: 09/04/2018
  • Est. Priority Date: 06/09/2003
  • Status: Active Grant
First Claim
Patent Images

1. A system for monitoring and controlling risks associated with a supply chain, comprising:

  • a processor;

    a memory coupled to the processor, wherein the memory contains a software program to be run by the processor that provides for the following;

    accessing the memory to identify one or more supply chain infrastructural elements;

    identifying one or more safety based risk elements each associated with said one or more identified supply chain infrastructural elements, wherein the one or more safety based risk elements include one or more of;

    external malicious threats, intrusion detection, safety of personnel, safety of infrastructure, safety of data systems, physical subversion of assets, or physical subversion of delivery mechanisms,wherein each of the one or more safety based risk elements corresponds to one of a plurality of risk categories, and wherein each of the plurality of risk categories has an associated base value that corresponds to an average risk value,wherein a derived risk value for each of the one or more safety based risk elements is determined based on at least one of a relative degree of risk and risk of a particular type with respect to the associated at least one of the identified supply chain infrastructural elements, wherein an associated risk value of each of the risk categories is determined based on one or more derived risk values of the one or more safety based risk elements associated with such risk category, and wherein the associated risk value corresponds to at least one of a physical location, a logical location, and a type of the associated at least one of the identified supply chain infrastructure elements;

    analyzing a probability of an occurrence of a threat outcome using the processor based on a transparency, character, logic and trust of the data;

    determining a risk threshold based on a value of a threat times the probability of the occurrence of the threat outcome, wherein the value of the threat is based on the associated risk values for the plurality of risk categories,wherein at least one risk policy is determined for each of the plurality of risk categories, to arrive at a set of risk policies, wherein implementation of the set of risk policies comprises evaluating a risk associated with at least one of the one or more identified supply chain infrastructural elements to determine whether the risk exceeds or does not exceed the risk threshold;

    receiving information indicating that the one or more identified supply chain infrastructural elements is to be utilized in the supply chain and using the processor to evaluate said information against the set of risk policies to determine if the risk threshold is exceeded; and

    if the risk threshold is exceeded, flagging the one or more identified supply chain infrastructural elements or categorizing the one or more identified supply chain infrastructural elements as high risk.

View all claims
  • 15 Assignments
Timeline View
Assignment View
    ×
    ×