Interactive security risk management

US 20040168086A1
Filed: 12/15/2003
Published: 08/26/2004
Est. Priority Date: 12/18/2002
Status: Abandoned Application

First Claim

Patent Images

1. A computer implemented method for managing security risk, the method comprising:

setting a hierarchical relationship between two or more elements comprising an entity;

receiving an indication of a security risk associated with one or more of the elements;

receiving a selection of an element; and

transmitting a description of the security risk as it relates to the element selected, based upon the hierarchical relationship of elements and the indication of the security risk.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention includes computer implemented methods and computer apparatus for managing security risk by setting a hierarchical relationship between two or more elements comprising an entity and receiving an indication of a security risk associated with one or more of the elements. A selection of an element can also be received and a description of the security risk can be transmitted, as it relates to the element selected and based upon the hierarchical relationship of elements and the indication of the security risk. A list of resources associated with the element selected can also be generated. Elements can include, for example, a geographic area delineated according to at least one of: a continent, a national boundary; a political boundary, a facility campus; a floor comprising a facility; and a room comprising a building.

Citations

18 Claims

1. A computer implemented method for managing security risk, the method comprising:
- setting a hierarchical relationship between two or more elements comprising an entity;
  
  receiving an indication of a security risk associated with one or more of the elements;
  
  receiving a selection of an element; and
  
  transmitting a description of the security risk as it relates to the element selected, based upon the hierarchical relationship of elements and the indication of the security risk.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1 additionally comprising generating a list of resources associated with the element selected.
  - 3. The method of claim 1 wherein the element comprises a geographic area delineated according to at least one of:
    - a continent, a national boundary;
      
      a political boundary, a facility campus;
      
      a floor comprising a facility; and
      
      a room comprising a building.
  - 4. The method of claim 1 wherein the description of the security risk as it relates to the element selected comprises at least one of:
    - a threat of physical harm to an asset;
      
      a threat of misappropriation of an asset; and
      
      a threat of physical harm to one or more persons.
  - 5. The method of claim 1 wherein the description of the security risk as it relates to the element selected comprises misappropriation of information comprising a computerized information system.
  - 6. The method of claim 1 additionally comprising transmitting a subjective quantifier descriptive of an amount of harm that could be caused by the security risk.
  - 7. The method of claim 1 additionally comprising transmitting a subjective quantifier descriptive of a time frame during which harm, caused by the security risk, could be experienced by an associated element.
  - 8. The method of claim 1 wherein the hierarchical relationship between two or more elements comprises a progressively greater or lesser resolution ranging from a country level resolution to a room level resolution.
  - 9. The method of claim 1 additionally comprising receiving an image of an element and transmitting the image with the description of the security risk as it relates to the element selected.
  - 10. The method of claim 1 additionally comprising the steps of:
    - color coding elements and associated risks according to at least one of;
      
      a degree of risk, a type of risk, a type of element;
      
      a value of assets involved and propensity for the risk to grow.

11. A computer implemented method for managing a security risk associated with a facility, the method comprising:
- presenting a graphical user interface related to a facility and comprising one or more images of the facility;
  
  displaying security issues related to a geographic region comprising the location of the facility;
  
  indicating one or more proximate threats to the facility; and
  
  displaying a relative location of at least one of;
  
  a public utility dependency;
  
  proximate emergency services, ingress routes, egress routes, and a proximate secure shelter.
- View Dependent Claims (12, 13)
- - 12. The method of claim 11 additionally comprising the steps of:
    - storing a time series of images of one or more particular portions of the facility;
      
      identifying changes to subsequent images of at least one area of the facility as compared to prior images; and
      
      determining a countermeasure to a threat based upon the identified changes.
  - 13. The method of claim 11 additionally comprising the steps of:
    - storing a record of proximate threats to a facility; and
      
      generating a report of at least one of;
      
      an event log;
      
      an incident report; and
      
      facility history according to at least one of;
      
      a facility level;
      
      a defined intra-national geographic area level;
      
      a national level; and
      
      a defined international level.

14. A method for managing security risk associated with a facility, the method comprising:
- inputting an indication identifying a facility;
  
  receiving an indication of one or more security risks associated with the facility;
  
  inputting an indication of a subset of the facility;
  
  receiving information descriptive of the security risks specific to the subset of the facility; and
  
  receiving an image of the subset of the facility.

15. A computerized system for or managing security risk, the system comprising:
- a computer server accessible with a system access device via a communications network; and
  
  executable software stored on the server and executable on demand, the software operative with the server to cause the server to;
  
  set a hierarchical relationship between two or more elements comprising an entity;
  
  receive an indication of a security risk associated with one or more of the elements;
  
  receive a selection of an element;
  
  transmit a description of the security risk as it relates to the element selected, based upon the hierarchical relationship of elements and the indication of the security risk.

16. Computer executable program code residing on a computer-readable medium, the program code comprising instructions for causing the computer to:
- set a hierarchical relationship between two or more elements comprising an entity;
  
  receive an indication of a security risk associated with one or more of the elements;
  
  receive a selection of an element;
  
  transmit a description of the security risk as it relates to the element selected, based upon the hierarchical relationship of elements and the indication of the security risk.

17. A computer data signal embodied in a digital data stream comprising data relating to a managing security risk, wherein the computer data signal is operative with a computer for causing the computer to:
- set a hierarchical relationship between two or more elements comprising an entity;
  
  receive an indication of a security risk associated with one or more of the elements;
  
  receive a selection of an element;
  
  transmit a description of the security risk as it relates to the element selected, based upon the hierarchical relationship of elements and the indication of the security risk.
- View Dependent Claims (18)
- - 18. The computer data signal of claim 17 wherein the data signal is generated by a method additionally comprising the step of generating a suggested action based upon the indication of a security risk and the elements comprising the entity.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Goldman Sachs & Company (Goldman Sachs Group Incorporated)
Original Assignee
Goldman Sachs & Company (Goldman Sachs Group Incorporated)
Inventors
Venables, Phillip, Young, Carl

Application Number

US10/737,217
Publication Number

US 20040168086A1
Time in Patent Office

Days
Field of Search
US Class Current

713/201
CPC Class Codes

G06Q 10/00   Administration; Management

G06Q 10/06   Resources, workflows, human...

G06Q 40/08   Insurance

Interactive security risk management

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Interactive security risk management

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links