This book provides a comprehensive introduction to the principles of integrated risk management across three main domains: enterprise, infrastructure/institutional, and program/project risk management. It sets out to define the types of risk that are applicable to each domain, including strategic risk, operations risk, compliance risk, cybersecurity risk, and safety risk, among many others. Using demonstrative examples, the book identifies vulnerabilities in different risk management models, suggests in detail the means for correcting them, and introduces the concept of unknown and underappreciated (U/U) risks that need to be considered in addition to known risks. Then, it goes on to draw on perspectives from a range of disciplines, including systems engineering (SE), expert judgment elicitation, Monte Carlo simulation techniques, and applied statistics, to illustrate how such risks can be evaluated, aggregated, and mitigated. Drawing from experience gained during the NASA space shuttle program, as well as other high-tech programs involving space exploration, commercial nuclear reactors, and strategic weapon systems, Allan Benjamin demonstrates these concepts qualitatively and quantitatively in a set of detailed examples from governmental and industrial settings.
Concepts of Risk Management for Large High-Tech Organizations
Explanation and Characterization of Key Terms and Concepts
Articulation of Aggregate Risk, Risk Tolerance Posture, and Risk Posture
Development and Implementation of Integrated Models for the Calculation of Aggregate Risks and Determination of Risk Drivers
Adjusting the Predicted Aggregate Risks to Account for Unknown and Underappreciated Risks, Part 1: General Considerations, Cost, and Schedule
Adjusting the Predicted Aggregate Risks to Account for Unknown and Underappreciated Risks, Part 2: Safety and Reliability
Processes for Optimally Balancing Risks Against Opportunities in Strategic Portfolio Planning
Continuous Risk Management, Part 1: Models and Simulation Processes
Special Considerations for Risks Associated with Cyberattacks
Continuous Risk Management, Part 2: Internal Controls, Risk Mitigations, and Mission-Advancing Opportunities
Graded Analysis and Screening Analysis Approaches
Example No. 1 on Accounting for Dependencies between Risk Scenarios
Example No. 2 on Multi-Year Milestone Risk Analysis
Example No. 3 on Designing for Optimally Balanced Risks
An Epilog on Cross-Organizational Interactions and Risk Communication