Valentin Petru MĂZĂREANU, PhD.

Risk Management Researcher and Teaching Assistant

The Faculty of Economics and Business

Administration“Alexandru Ioan Cuza” University of Iasi

ADVANTAGES OF USING A DYNAMIC

RISK MANAGEMENT APPROACH

Agenda

A brief introduction to risk management

New factors leading to a new approach

Dynamic risk management (DRM) approach – premises for a

new model of risk management

A new risk management model and its practices as the main

advantages of the DRM approach

Risk Management – overview

Start-up

-Risk Management Planning

(internal & external environment)

- Risk Identification

- Quantitative Risk Assesment

- Qualitative Risk Assesment

- Risk Response Planning

(develop & implement)

- Monitoring & Control

Risk Management – deeper overview

OBJECTIVES

ORGANIZATION

ASSET

CONTROL MEASURES?

VULNERABILITY

RISK

RISK MANAGEMENT

THREAT

-Natural disaster

-Errors

-Attacks

What’s New ?Scope

(Features, Functionality)

Resources

(cost, budget)

Schedule

(Time)

QUALITY

Human Factor

(motivation)

Client

(speed vs. price)

Methodology

(PMI, Prince2)

Scope

(Features, Functionality)

Resources

(cost, budget)

Schedule

(Time)

From IRON TRIANGLE to IRON DIAMOND

INFORMATION SYSTEMS (Dependence / Addicted)

the increasing use of information and communication

technology and electronic business development;

the development of wireless communication technologies

and the fact that organizations use these technologies in their

business models;

the increasing phenomenon of cybercrime and the role of

information systems security;

Moving our (professional & personal) life online

Factors leading to new approach

Web Revolution: 1.0, 2.0, 3.0 ...

Social Media … a very useful tool(?):

Networking (ex. Profesional social network)

Comunication (ex. Friednship social network)

Recruting (ex. viaTwitter)

Training (ex. skype coaching, Go2Meeting.com)

Marketing (!!! Social media is not Sales media)

...

From SaaS to Crimeware as a Service

-Where do you buy your OS ?

- HINT: DC++, Torrents, Mule etc.

Security self assessment ?!

Do you complete surveys / Do you have a social profile (eg.

Facebook, Twitter, MySpace, HI5 …)

What’s your favorite movie?

What’s your favorite book?

What’s your favorite pet?

Black Swan Theory: exploiting the high impact events (ex. Lady

Diana, Michel Jackson, president of Poloniei etc.)

Scareware (fake information about a potential virus)

Rougue atac– BUY an antivirus!

ROUGUE & Black Swan Theory

Advantages of DRM Approach: New Model

& New Practices

Start-up

Architectural analysis = Planning Phase Security issues at the time they appear

DRM Approach = Changing the

(security) Risk Management Model

Barry Boehm Model (adapted)

Using BI for faster response & better foresight

Using GIS for improving the capacity to

understand data

ps. But be aware of geo-localization (eg. Foresquare, Twitter with Gmap integrated)

Using risk management software for

deeper understanding of risk

Conclusions

Risk Management model needs to ADAPT to present times

Dynamic Risk Management acts like JUST IN TIME

Dynamic Risk Management is about using INFORMATION

SYSTEMS In risk modeling

Dynamic Risk Management requires USER AWARENESS

Thank you!

Valentin Petru MĂZĂREANU, PhD.

Risk Management Researcher and Teaching Assistant

The Faculty of Economics and Business Administration,

"Alexandru Ioan Cuza" University from Iassy, Romania

www.managementul-riscurilor.ro

Twitter: @valimazareanu