1) A company's management team has done a risk assessment and identified ten risks to their operations. They have assigned significance and likelihood probabilities, identified the cost impact of incurring the risk, and the estimated the costs of installing preventive systems. The information is summarized in this table:
Identified Risk Significance Probability Likelihood Probability Cost impact Costs of installing preventive systems
A 0.40 0.35 10,000.00 30,000.00
B 0.23 0.90 12,000.00 44,000.00
C 0.88 0.30 2,000.00 1,500.00
D 0.14 0.70 30,000.00 45,000.00
E 0.30 0.80 23,000.00 11,000.00
F 0.77 0.80 20,000.00 42,000.00
G 0.21 0.18 20,000.00 22,000.00
H 0.95 0.77 50,000.00 65,000.00
I 0.90 0.95 48,000.00 10,000.00
J 0.70 0.43 78,000.00 7,000.00
a. Create a Risk Assessment Analysis Chart for these risks, similar to the chart on page 31 in chapter 2 of your text. (See sample attached)
b. Rank these risks from 1 to 10 and calculate the Risk Score for each.
c. Considering the cost impacts and the costs of installing preventive systems, which risks should management ignore (take no action to manage), and which risks should they actively plan to manage (try to mitigate the risk)?
2) Controls mitigate risks. Risks involve both threats of bad things happening and threats of good things not happening. Some controls are visible and therefore can be photographed. Photograph four different controls you observe around a college campus or in your community. For each control photographed, indicate whether the control is designed to mitigate the threat of bad things happening or the threat of good things not happening. Briefly describe the objective the control is designed to achieve and the risk the control is designed to mitigate. If applicable, describe how the control is meant to operate and how you would test the control to determine if it is operating effectively.
1a) Excel was used to create the chart. The Excel file is attached.
b) Risk Score = Significance X Likelihood
The calculations are shown in Excel.
The projects have been ranked from 1 to 10, based on the Risk Score. The highest Risk Score is ranked 1 while the lowest is ranked 10.
c) There are many ways to determine which risks management should ignore and which they should actively manager. One way is given below.
Perform a cost-benefit analysis. A new column named with costs has been created.
With costs = (Risk score) X (Cost impact) / (Cost of installing preventive systems)
The higher the ...
Answered in 396 words. An Excel file with calculations and a Risk Assessment Analysis Chart is attached. A Word file with 4 photos and explanation of threats is attached.