×

Overall risk in a system

  • US 20050114186A1
  • Filed: 11/09/2004
  • Published: 05/26/2005
  • Est. Priority Date: 03/29/2001
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method for assessing a single value representative of an overall risk in at least part of an information technology system comprising:

  • (a) inputting into a risk assessment database a plurality of risks identified in the information technology system by utilizing at least one computer having a risk analysis program;

    (b) associating the plurality of risks to at least one severity band in a risk echelon and storing said association in a memory storage device;

    (c) assigning a value to each of the plurality of risks;

    (d) for each assigned risk value, multiplying the assigned risk value by a corresponding coefficient factor determined according to the risk value, the associated severity band for the assigned risk value, and a rank of the risk within the at least one severity band, each coefficient factor having a decreasing magnitude from a coefficient factor corresponding to a highest risk value to a coefficient factor corresponding to a lowest risk value;

    (e) adding the factored risk values to determine the overall risk by utilizing the risk analysis program;

    (f) outputting an indication of the overall risk in a humanly readable form; and

    (g) based on the overall risk, identifying a modification to the information technology system.

View all claims
  • 3 Assignments
Timeline View
Assignment View
    ×
    ×