• Journal of the Society of Disaster Information
• /
• v.15 no.3
• /
• pp.367-379
• /
• 2019

Purpose: This study aims to propose a framework for climate change risk management by analyzing characteristics of climate-induced disasters. Method: The recent global and domestic trends of loss and damage under natural disaster events and the characteristics of climate-induced disasters were analyzed to design a framework for climate change risk management. Results: In consideration of the uncertainty of climate risk and various spatio-temporal scales of climate disasters, a new framework is suggested for comprehensive climate risk management that includes risk assessment, goal setting, planning, monitoring and evaluation, learning and adjustment. The framework aims at an iterative process that is activated by stakeholder engagement. Conclusion: Pilot studies need to be conducted to revise and polish the framework in the future, and institutional arrangements should be prepared for the effective implementation of the comprehensive climate risk management.

• Journal of Digital Convergence
• /
• v.17 no.1
• /
• pp.141-148
• /
• 2019

The advancement of digital technology accelerates intelligence, convergence, and demands better change beyond traditional methods in all aspects of business models and technologies, infrastructure, processes, and platforms. Risk management is becoming more important because of various security risks, depending on the changing business environment and aligned to business goals is emerging from the existing information asset based risk management. For business aligned risk management, it is essential to understand the risk appetite for achieving business goals, which provides a basis for decision-making in subsequent risk management processes. In this paper, we propose a framework for analyzing the risk management framework, pre - existing risk analysis, and protection motivation theory that influences decisions on security risk management. To examine the practical feasibility of the developed risk appetite framework, we reviewed the applicability and significance of the proposed risk appetite framework through an advisory committee composed of security risk management specialists.

• International Journal of Quality Innovation
• /
• v.10 no.2
• /
• pp.1-17
• /
• 2009

This paper presents a theoretical research framework that was used to analyse operational risk management (ORM) system practices in Australia. It provides a new perspective on how to use national and international operational management system standards as a basis for systematic management of operational risks. Based on the extensive literature review and the analysis of operational risk management system practices that are common in Australian organisations, this paper identifies the critical factors for effective use of an ORM system. The proposed framework could also be used as a model to research ORM system applications in other countries.

• Journal of the Korean Society of Marine Environment & Safety
• /
• v.21 no.3
• /
• pp.283-289
• /
• 2015

This paper provides a study on the application and proposals of safety culture, new public management and social amplification of risk framework via ship accidents in Korea. This document analyzes what are the concept of safety culture, new public management as well as social amplification and risk framework and describes how 3 issues act, harmonize, interrelate through M/V Sewol accident. Korean government is needed to apply social amplification of risk framework to the in order to promote the safety culture in the maritime administration. Hence, this paper proposes safety framework in order to prevent and resolve future unexpected accident especially for maritime field.

• The Journal of Asian Finance, Economics and Business
• /
• v.5 no.3
• /
• pp.185-193
• /
• 2018

This paper aims to explore the risk governance framework and socially viable solutions, attempting to provide guidance for the decision making process. The key idea of this study start with overcoming the limitations of IRGC risk governance framework, which mainly focuses on a comprehensive framework for risk governance. This article has employed SWOT analysis as a methodology, which is a strategic planning technique used to help identifying the strengths, weaknesses, opportunities, and threats related to business competition or risk management. In this paper, socially viable solutions as an alternative plan place emphasis on the adoption of concern assessment through a concerns table. It is also proposed that scoping has to get introduced, with SWOT analysis in the process. The results of this paper support that multiple stakeholders have to participate in the process of identifying and framing risk and communicating with each other, considering the context. It should be noted that communities can become involved and take important parts in decision making process in various ways. It is recommended that engaging stakeholders to both risk assessment and risk management is material to dealing with risk in a socially viable way. It also implies that the community-based disaster management should be better prepared for the decision making process in socially viable solutions.

• The Korean Journal of Archival Studies
• /
• no.27
• /
• pp.119-168
• /
• 2011

This paper proposed risk management approach as a self-audit framework to achieve the goals which might be common among the records management organizations in Korea governmental and public area. After introducing the history and the concept and process of risk management approach and examining DRAMBORA's framework, the processes and the methods of risk management for the electronic records which are customized from DRAMBORA are explained in details: How to define the business context of organizations, how to determine the business functions and activities and related risks, how to assess the level or severity of each risks and some considerations related to risk assessment. As a result, this paper shows that application of DRAMBORA's framework to the electronic records management organizatioins is not only possible but also useful and effective. The critical point for the success of application for DRAMBORA's framwork or the risk management approach itself each organizations which wants to accept that framework should define its own business functions and activities and the goals in respect areas.

• International conference on construction engineering and project management
• /
• 2007.03a
• /
• pp.729-738
• /
• 2007

The Public Private Partnership/Private Finance Initiative (PPP/PFI) schemes have made the private sector become a major participant involved in the development of infrastructure systems along with the government. Due to more integrated efforts among project participants and longer concession period, PPP/PFI projects are inherently more complex and risky. It is therefore very important to proactively manage the risks involved throughout the project life cycle. Conventional risk management strategies sometimes ignore managerial flexibility in the planning and execution process. This paper starts with a revised risk management framework which incorporates the real option concept. Following the presentation of the framework, a new risk classification is proposed which leads to different ways of structuring options in a project according to the stage of the project life cycle. Finally, the paper closes by discussing other issues concerning option modeling and negotiation.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.1
• /
• pp.406-434
• /
• 2019

In general, an information security approach estimates the risk, where the risk is to occur due to an unusual event, and the associated consequences for cloud organization. Information Security and Risk Management (ISRA) practices vary among cloud organizations and disciplines. There are several approaches to compare existing risk management methods for cloud organizations but their scope is limited considering stereo type criteria, rather than developing an agent based task that considers all aspects of the associated risk. It is the lack of considering all existing renowned risk management frameworks, their proper comparison, and agent techniques that motivates this research. This paper proposes Agent Based Information Security Framework for Hybrid Cloud Computing as an all-inclusive method including cloud related methods to review and compare existing different renowned methods for cloud computing risk issues and by adding new tasks from surveyed methods. The concepts of software agent and intelligent agent have been introduced that fetch/collect accurate information used in framework and to develop a decision system that facilitates the organization to take decision against threat agent on the basis of information provided by the security agents. The scope of this research primarily considers risk assessment methods that focus on assets, potential threats, vulnerabilities and their associated measures to calculate consequences. After in-depth comparison of renowned ISRA methods with ABISF, we have found that ISO/IEC 27005:2011 is the most appropriate approach among existing ISRA methods. The proposed framework was implemented using fuzzy inference system based upon fuzzy set theory, and MATLAB(R) fuzzy logic rules were used to test the framework. The fuzzy results confirm that proposed framework could be used for information security in cloud computing environment.

• Industrial Engineering and Management Systems
• /
• v.13 no.2
• /
• pp.203-209
• /
• 2014

This research designed and implemented a supply chain risk management platform and applied it to a case study of reduced-fat Lanna pork sausage as a new product development project. The proposed framework has three stages: risk identification, risk assessment, and risk mitigation. Seventeen risk agents with 17 risk events were identified based on SWOT analysis and the Porter Five Forces concept through the process of planning, sourcing, making and delivering, partially captured from the supply chain operations reference model in the first stage. In the second stage, an house of risk (HOR) framework was applied to present the impacts of each risk agent. In the third stage, eight risk agents with high impact were selected to design 21 preventive actions. Finally, three preventive actions with the highest effectiveness to difficulty ratio scores-'sales evaluation of familiar products', 'increasing distribution channels and promotions to improve sales', and 'work flow improvement for work safety'-were then recommended for this new product development.

• International Journal of Computer Science & Network Security
• /
• v.24 no.5
• /
• pp.73-78
• /
• 2024

COVID-19 pandemic outbreak increased the use of Internet of Medical Things (IoMT), but the existing IoMT solutions are not free from attacks. This paper proposes a secure and resilient framework for IoMT, it computes the risk using Risk Impact Parameters (RIP) and Risk is also calculated based upon the Threat Events in the Internet of Medical Things (IoMT). UICC (Universal Integrated Circuit Card) and TPM (Trusted Platform Module) are used to ensure security in IoMT. PILAR Risk Management Tool is used to perform qualitative and quantitative risk analysis. It is designed to support the risk management process along long periods, providing incremental analysis as the safeguards improve.