2 25 May 2018
Bogdan Dragota, © Continental AG
1. What is Risk management
2. Principles of risk management
› ISO 31000:2009 recommends the following target areas, or principles, that should be part of the overall risk management process:
› The process should create value for the organization.
› It should be an integral part of the overall organizational process.
› It should factor into the company's overall decision-making process.
› It must explicitly address any uncertainty.
› It should be systematic and structured.
› It should be based on the best available information.
› It should be tailored to the project.
› It must take into account human factors, including potential errors.
› It should be transparent and all-inclusive.
› It should be adaptable to change.
› It should be continuously monitored and improved upon.
3. Risk Management process
› Although there are different methodologies for enterprise risk management, the core components of any risk analysis are the following:
› Identify company assets
› Assign a value to each asset
› Identify each asset's vulnerabilities and associated threats
› Calculate the risk for the identified assets
› Once these steps are finished, the risk analysis team can identify the necessary countermeasures to mitigate the calculated risks, carry out cost/benefit analysis for these countermeasures, and report their findings to senior management.
Risk Mitigation