ISOL-634-22 Risk Management: Vulnerability Assessment Report

Verified

Added on  2022/08/21

AI Summary
This report, submitted by a student, provides a comprehensive overview of risk management, defining it as the process of identifying and mitigating threats to a company's assets. It explores various types of risks, including strategic, compliance, operational, financial, and reputational risks, and discusses the significance of vulnerability assessment in identifying weaknesses within systems and networks. The report highlights the difference between security, which focuses on external threats, and safety, which addresses internal factors, and explains the relationship between risk management and vulnerability assessment as tools for operational risk mitigation. The report references several academic sources to support its analysis.
Running head: RISK MANAGEMENT
Physical Security ISOL-634-22
Name of the student
Name of the university
Author note
Risk management
Aven (2016) states that risk management is the process of recognising, examining and
regulating threats to any company’s earnings and capital. A variety of sources may
lead to risks and threats, including factors such as legal liability, financial uncertainty,
accidents, natural disasters and strategic management errors. In the financial aspect, it deals with
the uncertainties involved in making investment decisions (Hopkin, 2018). Risk management is an
ongoing process and helps a firm realise its objectives by reducing or eliminating all the
hindrances.
As stated by Rampini, Viswanathan and Vuillemey (2019), there are multiple types of
risk faced by an organisation, and they have been classified as strategic risk, compliance risk,
operational risk, financial risk and reputational risk. A company faces strategic risk when its
strategies lose their effectiveness. Compliance risk, on the other hand, consists of the risk faced by
firms due to changes in the rules and regulations of the operating environment. Operational risk
refers to an unexpected failure in the daily operation of an organisation (Rampini, Viswanathan &
Vuillemey, 2019). Risks are always associated with financial implications, and any risk comes
with an added financial burden, which can be defined as financial risk. Finally, reputational risk
refers to the risk to the wellbeing and reputation that a company has built over the years.
Vulnerability assessment
According to Hare et al. (2016), vulnerability assessment is the procedure of describing,
recognising, categorising and ordering vulnerabilities within applications, network infrastructures
and computer systems. It provides the firm with the awareness, risk background and knowledge to
understand the threats to its business environment. The firm can therefore react accordingly, based
on the vulnerabilities identified.
A vulnerability assessment includes the use of automated testing tools, such as network
security scanners, which are responsible for identifying risks and threats. Organisations,
be they small, medium or large, and even individuals face risk from cyber-attacks. A vulnerability
test is an effective way of protecting organisations from cyber-attacks, especially multinational
organisations, as they are constantly at risk (Fawcett et al., 2017). It provides the organisation
with various information on weaknesses in security. It provides direction for solving and
mitigating risk by understanding security flaws, assets and risks. Vulnerability assessment can be
divided into host-based scans, network-based scans, wireless network scans, database scans and
application scans.
Difference between security and safety
The primary difference between security and safety lies in their definitions. Security
can be defined as the protection of organisations, properties and individuals from any external
threat which may cause harm. This shows that security mainly focuses on external factors which
may cause trouble for the organisation (Jore, 2019). In contrast, the feeling of being
protected from various factors causing harm is known as safety. An individual or organisation
feels safe when the risk factors can be controlled. Safety deals with the emotional aspect
while security deals with the physical aspect. Moreover, security comes from external factors
whereas safety deals with internal factors. Therefore, in order to ensure security, the external
factors have to be mitigated, whereas in the case of safety, the internal factors within organisations
may result in a lack of safety.
Relationship between risk management and vulnerability assessment
Risk management is the process of mitigating risks, both external and internal, whereas
vulnerability assessment is the tool used to evaluate and identify various risk factors.
Vulnerability assessment only deals with operational risk factors associated with assets. The
vulnerability report provides an understanding of the possible weaknesses and risk factors within
an organisation’s operations (Karagiorgos et al., 2016). However, risk management is used for
mitigating risk in various aspects, of which operations is just one part. Moreover, vulnerability
assessment mainly focuses on applications, network infrastructures and computer systems.
Therefore, it can be concluded that vulnerability assessment is the tool for analysing various
organisational operational risk factors.
References
Aven, T. (2016). Risk assessment and risk management: Review of recent advances on their
foundation. European Journal of Operational Research, 253(1), 1-13.
Fawcett, D., Pearce, T., Ford, J. D., & Archer, L. (2017). Operationalizing longitudinal
approaches to climate change vulnerability assessment. Global Environmental
Change, 45, 79-88.
Hare, J. A., Morrison, W. E., Nelson, M. W., Stachura, M. M., Teeters, E. J., Griffis, R. B., ... &
Chute, A. S. (2016). A vulnerability assessment of fish and invertebrates to climate
change on the Northeast US Continental Shelf. PloS one, 11(2), e0146756.
Hopkin, P. (2018). Fundamentals of risk management: Understanding, evaluating and
implementing effective risk management. Kogan Page Publishers.
Jore, S. H. (2019). The conceptual and scientific demarcation of security in contrast to
safety. European Journal for Security Research, 4(1), 157-174.
Karagiorgos, K., Thaler, T., Hübl, J., Maris, F., & Fuchs, S. (2016). Multi-vulnerability analysis
for flash flood risk management. Natural Hazards, 82(1), 63-87.
Rampini, A. A., Viswanathan, S., & Vuillemey, G. (2019). Risk management in financial
institutions. The Journal of Finance.