Risk control system
First Claim
1. A method for assessing risk within an organization, comprising:
- defining one or more zones, each of said one and more zones comprising an environment;
identifying one or more assets of said organization, each of said assets being located in a respective one of said zones;
conducting a respective impact assessment for each of said assers, each assessment comprising assessing the impact of the loss of said respective asset;
conducting for each of said zones a respective zone risk assessment, comprising assessing the risk level associated with placing a respective asset within said respective corresponding zone;
conducting for each asset a respective asset risk assessment, comprising assessing the risk level associated with said respective asset independent of the respective zone of saud respective asset; and
assessing risk on the basis of at least said impact assessment, said zone risk assessment and said asset risk assessments.
0 Assignments
0 Petitions
Accused Products
Abstract
The invention provides a method for assessing risk within an organization, comprising: defining one or more zones (2), each of the one or more zones comprising an environment; identifying one or more assets (4) of the organization, each of the assets being located in a respective one of the zones; conducting a respective impact assessment (6) for each of the assets, each assessment comprising assessing the impact of the loss of the respective asset; conducting for each of the zones a respective zone risk assessment (8a), comprising assessing the risk level associated with placing a respective asset within the respective corresponding zone; and conducting for each asset a respective asset risk assessment (8b), comprising assessing the risk level associated with the respective asset independent of the respective zone of the respective asset; and assessing risk on the basis of at least the impact assessment, the zone risk assessments and the asset risk assessments. The invention also provides a risk management method, comprising assessing risk according to the method described above and managing said risk.
79 Citations
26 Claims
-
1. A method for assessing risk within an organization, comprising:
-
defining one or more zones, each of said one and more zones comprising an environment;
identifying one or more assets of said organization, each of said assets being located in a respective one of said zones;
conducting a respective impact assessment for each of said assers, each assessment comprising assessing the impact of the loss of said respective asset;
conducting for each of said zones a respective zone risk assessment, comprising assessing the risk level associated with placing a respective asset within said respective corresponding zone;
conducting for each asset a respective asset risk assessment, comprising assessing the risk level associated with said respective asset independent of the respective zone of saud respective asset; and
assessing risk on the basis of at least said impact assessment, said zone risk assessment and said asset risk assessments. - View Dependent Claims (2, 4, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 24, 25, 26)
-
-
16. An apparatus for assessing risk within an organization, comprising:
-
data input means for inputting asset information into a register of assets, each of said assets being an asset of said organization, each of said assets being located in a respective zone;
data storage for storing said register of assets, including for each of said assets said respective zone;
means for receiving or storing a respective zone risk assessment for each of said zones, said respective zone risk assessment comprising an assessment of the risk level associated with placing a respective asset within said respective corresponding zone;
means for receiving or storing a respective asset risk assessment for each asset, said respective asset risk assessment comprising an assessment of the risk level associated with said respective asset independent of the respective zone of said respective asset;
means for receiving or storing a respective impact assessment for each of said assets, each assessment comprising assessing the impact of the loss of said respective asset, and for assessing risk on the basis of at least said impact assessment, said zone risk assessments and said asset risk assessments to thereby form a risk assessment; and
output means for outputting said risk assessment. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23)
-
Specification