RISK

ANALYSIS
Amelyn D. Sadang
LEARNING
OUTCOMES
1.Describe the principles of risk
analysis.
2.Summarize the factors to
consider in risk analysis.
3.Discuss the importance of risk
analysis to risk assessment.

2
WHAT I KNOW?
TRUE OR FALSE
1.Risk analysis involves detailed
consideration of likelihood of an
identified risks.
2.An event can have multiple
causes and consequences which
can affect objectives.
3.Highly certain events can be
difficult to quantify.
3
WORDS TO REMEMBER
RISK
ANALYSIS
❖Risk analysis is an analytical process to
provide information regarding
undesirable events in which it
estimates probabilities and expected
consequences for identified risks.
❖An event is the occurrence or change
of a particular set of circumstances.
❖Consequence is an outcome of an
event affecting objectives.
4
A. RISK ASSESSMENT &
RISK ANALYSIS
❖The purpose of risk analysis is to
comprehend the nature of risk and
its characteristics, where
appropriate, the level of risk.
❖It involves a detailed consideration
of uncertainties, risk sources,
consequences, likelihood, events
can have multiple causes and
consequences and can affect
multiple objectives.
5
RISK ANALYSIS SHOULD
CONSIDER FACTORS SUCH AS:
❖The likelihood of events and
consequences;
❖The nature and magnitude of
consequences;
❖Complexity and connectivity;
❖Time-related factors and volatility;
❖The effective of existing controls;
and
❖Sensitivity and confidence levels.
6
 B. THREAT AND VULNERABILITY
ASSESSMENTS AND RISK ANALYSIS
❖Risk is function of the values of threat, consequence, and
vulnerability.
❖Threat assessment as consideration for the full spectrum of
threats (i.e., natural, criminal, terrorist, accidental) for a given
facility/location. Renfroe and Smith, (2016)
❖The assessment should examine supporting information to
evaluate the relative likelihood of occurrence for each threat.
❖In dealing with criminal threats, the crime rates in the activity
that might pose a threat to the facility or to an events.
❖Once the possible threats are identified, a vulnerability
assessment must be performed to consider the potential of
loss from a successful attack and vulnerability of the facility,
location, or event to an attack.
7
 AN IMPACT OF LOSS IS DEFINED AS THE DEGREE TO WHICH THE FACILITY OR
EVENT IS COMPRISED BY A SUCCESSFUL ATTACK FROM THE GIVEN THREAT,
AND IT CAN BE CATEGORIZED AS FOLLOWS:

DEVASTATING SEVERE NOTICEABLE MINOR

The facility is The facility is partially The facility is temporily The facility
damaged/contaminat damaged/contaminated closed or unable to experiences no
ed beyond habitable . operate but can significant impact on
use. Most items/assets continue without an operations (dowbtime
are lost, destroyed, or interruption of more is less than four hours)
damaged beyond than one day. and there is no loss of
repair/ restoration. major assets.

8
 VULNERABILITY

❖Defined to be a combination
of the attractiveness of a facility
or an event as a target and the
level of deterrence and/or
defense provided by the
existing countermeasures.

9
SAMPLE DEFINITIONS OF VULNERABILITY RATINGS ARE AS FOLLOWS:

VERY HIGH HIGH MODERATE LOW

This is high profile This is a high profile This is moderate profile This is not a high
facility that provides regional facility or a facility (not well known profile facility and
a very attractive moderate profile outside the local area or provides a possible
target for potential national facility that region) that provides a target and/or the level
adversaries, and the provides an defense potential target and/or the of deterrence and/or
level of deterrence provided by the level of deterrence and/or defense provided by
and/or defense existing defense provided by the the existing
provided by the countermeasures is existing countermeasures countermeasures is
existing marginally adequate. is marginally adequate. adequate.
countermeasures is
inadequate.
10
11
12
THANK YOU!