• Journal of Information Technology Applications and Management
• /
• v.14 no.3
• /
• pp.95-113
• /
• 2007

To minimize IT operational risks and the opportunity cost for lost business hours. it is necessary to have preparedness in advance and mitigation activities for minimization of a loss due to the business discontinuity. There are few cases that banks have a policy on systematic management, system recovery and protection activities against system failure. and most developers and system administrators response based on their experience and the instinct. This article focuses on the mitigation model development for minimizing the incidents of disk unit in IT operational risks. The model will be represented by a network model which is composed of the three items as following: (1) the risk factors(causes, attributes and indicators) of IT operational risk. (2) a periodic time interval through an analysis of historical data. (3) an index or an operational regulations related to the examination of causes of an operational risk. This article will be helpful when enterprise needs to hierarchically analyze risk factors from various fields of IT(information security, information telecommunication, web application servers and so on) and develop a mitigation model. and it will also contribute to the reduction of operational risks on information systems.

• Asia pacific journal of information systems
• /
• v.13 no.4
• /
• pp.119-145
• /
• 2003

Recently, IT outsourcing has been one of the major concerns of many companies. This study proposes a model which composed the outsourcing planning and operational risks affecting the outsourcing performance. Especially, this study focused on the contractors perspective, because the outsourcing risk relative researches are recently performed on the service receivers perspective, contractors perspective researches were relatively lacked. The result of this study, outsourcing planning risks had not affected the outsourcing performance but it had positively affected the operational risks. And also, the outsourcing operational risks had negatively affected the outsourcing performance. For this reason, It is necessary to reduced planning risk induction for the outsourcing performance improvement. Because the planning risks positively affect the operational risks, it is necessary to reduced planning risk induction for the outsourcing performance improvement.

• International Journal of Quality Innovation
• /
• v.10 no.2
• /
• pp.1-17
• /
• 2009

This paper presents a theoretical research framework that was used to analyse operational risk management (ORM) system practices in Australia. It provides a new perspective on how to use national and international operational management system standards as a basis for systematic management of operational risks. Based on the extensive literature review and the analysis of operational risk management system practices that are common in Australian organisations, this paper identifies the critical factors for effective use of an ORM system. The proposed framework could also be used as a model to research ORM system applications in other countries.

• Journal of Information Technology Applications and Management
• /
• v.11 no.3
• /
• pp.35-62
• /
• 2004

Recently, IT outsouricng has been one of the major concerns of many companies. This paper explores the relationship between information technology outsourcing risk factors and outsourcing performance. It is based upon a three-phase process utilizing IPO (Input-Process-Output) system. The first phase means the outsourcing planning risks t~at arise from overall environment of outsourcing, organizational refuse, and wrong contracts. The second phase implies outsourcing operational risks, which are occurred while out-sourcing perform and consist of organizational acceptances of outsourcing, partnership and hidden costs. The last phase is outsourcing performance based on four perspective of BSC(Blanced Scored Card). The survey was performed on the IT/IS firms, and the data was collected from 53 service receivers. The result of the analysis are as follows. First, Outsourcing planning risks positively affects the operational risks. Second, Outsourcing operational risks negatively affects the Outsourcing Performance.

• The KIPS Transactions:PartD
• /
• v.14D no.6
• /
• pp.689-700
• /
• 2007

Organizations and customers lose if business activities we discontinued by an incident of information systems under the current business environment because they pursue real time enterprise and on demand enterprise. The loss includes the intangible decline in brand image, customer separation, and the tangible loss such as decrease in business profits. Thus. it is necessary to have preparedness in advance and mitigation for minimization of a loss due to the business discontinuity and information system's operational risks. This paper suggests the mitigation model for minimizing the incidents of disk unit in information system's operational risks. The model will be represented by a network model which is composed of the three items as following: (1) causes, attributes, indicators of an operational risk, (2) a periodic time through an analysis of historical data, (3) an index or a regulation related to the examination of causes of an operational risk.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.4
• /
• pp.681-694
• /
• 2014

For the continuous financial incidents occurred in 2011, Korean government has announced the amendment on electronic finance supervision regulation including human resources, organization and budget. The major part of the regulation is mainly focused on human resources and budget. It states that company has to employ at least 5 percent of IT staff out of total staff, and at least 5 percent of security staff in IT staff employment number. Budget for security should be at least 7 percent of total IT budgets. This paper studies IT outsourcing policy based on operational risks of financial industries caused by amendment of regulation. This paper provides the policy decision procedure for resolving the 3rd party problems and suggests the effective operation policy to 3rd party for the program quality improvement and case studies at the IT task classification.

• Journal of Information Technology Services
• /
• v.4 no.1
• /
• pp.129-139
• /
• 2005

This paper proposes a framework of Operational Risk-based Business Continuity System(ORBCS), and develops protection system for operational risk through operational risk assessment and loss distribution approach based on risk management guideline announced in the basel II. In order to find out financial operational risk, business processes of domestic bank are assorted by seven event factors and eight business activities so that we can construct the system. After we find out KRI(Key Risk Indicator) index, tasks and risks, we calculated risk possibility and expected cost by analyzing quantitative data, questionnaire and qualitative approach for AHP model from the past events. Furthermore, we can assume unexpected cost loss by using loss distribution approach presented in the basel II. Each bank can also assume expected loss distributions of operational risk by seven event factors and eight business activities. In this research, we choose loss distribution approach so that we can calculate operational risk. In order to explain number of case happened, we choose poisson distribution, log-normal distribution for loss cost, and estimate model for Monte-Carlo simulation. Through this process which is measured by operational risk. of ABC bank, we find out that loss distribution approach explains closer unexpected cost directly compared than internal measurement approach, and makes less unexpected cost loss.

• Atmosphere
• /
• v.34 no.2
• /
• pp.107-121
• /
• 2024

In this study, we empirically analyzed the impact of physical risks due to climate change on the soundness and operational performance of the financial industry by combining economics and climatology. Particularly, unlike previous studies, we employed the Seasonal-Trend decomposition using LOESS (STL) method to extract trends of climate-related risk variables and economic-financial variables, conducting a two-stage empirical analysis. In the first stage estimation, we found that the delinquency rate and the Bank for International Settlement (BIS) ratio of commercial banks have significant negative effects on the damage caused by natural disasters, frequency of heavy rainfall, average temperature, and number of typhoons. On the other hand, for insurance companies, the damage from natural disasters, frequency of heavy rainfall, frequency of heavy snowfall, and annual average temperature have significant negative effects on return on assets (ROA) and the risk-based capital ratio (RBC). In the second stage estimation, based on the first stage results, we predicted the soundness and operational performance indicators of commercial banks and insurance companies until 2035. According to the forecast results, the delinquency rate of commercial banks is expected to increase steadily until 2035 under assumption that recent years' trend continues until 2035. It indicates that banks' managerial risk can be seriously worsened from climate change. Also the BIS ratio is expected to decrease which also indicates weakening safety buffer against climate risks over time. Additionally, the ROA of insurance companies is expected to decrease, followed by an increase in the RBC, and then a subsequent decrease.

• Journal of the Korean Society of Safety
• /
• v.34 no.5
• /
• pp.167-174
• /
• 2019

Compared to a single nuclear power plant (NPP) risk, the commonalities existing in the multiple NPPs attribute the characteristics of the multi-unit risk. If there is no commonality among the multiple NPPs, there will be no dependency among the risks of multiple NPPs. Therefore, understanding the commonality causing multi-unit events is essential to assessing the multi-unit risk, and identifying the characteristics of the multi-unit risk is necessary not only to select the scope and method for the multi-unit risk assessment, but also to analyze the data of the multi-unit events. In order to develop Korea-specific multi-unit risk assessment technology, we analyze the multi-unit commonalities included in the operational experiences of domestic NPPs. We identified 58 cases of multi-unit events through detailed review of domestic nuclear power plant event reports over the past 10 years, and the multi-unit events were classified into six commonalities to identify Korea-specific characteristics of multi-unit events. The identified characteristics can be used to understand and manage domestic multi-unit risks. It can also be used as a basis for modeling multi-unit events for multi-unit risk assessment.

• International Journal of Reliability and Applications
• /
• v.4 no.4
• /
• pp.183-190
• /
• 2003

Rail breaks and derailments can cause a huge loss to rail players due to loss of service, revenue, property or even life. Maintenance has huge impact on reliability and safety of railroads. It is important to identify factors behind rail degradation and their risks associated with rail breaks and derailments. Development of mathematical models is essential for prediction and prevention of risks due to rail and wheel set damages, rail breaks and derailments. This paper addresses identification of hazard modes, estimation of probability of those hazards under operating, curve and environmental condition, probability of detection of potential hazards before happening and severity of those hazards for informed strategic decisions. Emphasis is put on optimal maintenance and operational decisions. Real life data is used for illustration.