Category: 

What Are the Different Types of Risk Analysis?

Article Details
  • Written By: Kristie Lorette
  • Edited By: O. Wallace
  • Last Modified Date: 29 August 2014
  • Copyright Protected:
    2003-2014
    Conjecture Corporation
  • Print this Article
Free Widgets for your Site/Blog
Bill Clinton met John F. Kennedy when he was 16.  more...

September 2 ,  1666 :  The "Great Fire of London" burned down more than 13,000 buildings, including St. Paul's   more...

Risk analysis is the process that a company goes through to assess internal and external factors that may affect the business productivity, profitability and operations. Two primary types of risk analysis exist. These two broad categories are qualitative and quantitative risk analysis. By assessing these risks, companies can put plans into place on how to avoid and manage the risks.

Qualitative risk analysis is comprised of six primary parts. Elements of qualitative risk include threats, attacks, vulnerability, control, impact and business impact. A company needs to assess all of these elements as a comprehensive package to evaluate the qualitative risks the company has.

To illustrate how companies conduct qualitative risk analysis, assume that a credit card company has computer records on 10,000 to 500,000 customers, at any given time. The first risk is that numerous employees in different departments have access to all of this personal customer information.

When the auditors show up at the credit card company, the problem the auditors find, the risk is that the files do not contain encrypted information. This means that when the information is sent to the business web server and when it sits on the database, it is at risk. The information is at risk from the employees or external hackers from obtaining personal

Ad

Quantitative risk analysis is more focused on the facts, figures and data associated with the business. The two primary subcategories of quantitative analysis is the probability of the risk occurring and the likelihood of a loss if the risk in fact occurs.

For example, a health insurance company office that has 1,000 patient files in house would need to assess the risk if there is a confidentiality breach. Assume that in this case the health insurance records are housed on a single database. Further assume that the database is compromised by a hacker breaking into the database. Essentially, this exposes the 1,000 patient files, personal information, medical and insurance records to the hacker.

Assume that the insurance company office places a dollar value of $30 US Dollars (USD) for rectifying each of the patient files. The cost of $30 USD covers everything from changing the patient account numbers and printing out new health insurance cards to contacting each of the patients to inform them of what happened. When conducting a quantitative risk analysis, the answer is $30,000 USD. This is the amount of loss to the health insurance company office for the breach of its database.

Once the powers that be conduct a risk analysis, it is then important for plans to be put in place on how to manage the risk. For example, with the qualitative risk illustration, the credit card company has to employ a system or install a program that automatically encrypts its customer data.

Ad

More from Wisegeek

You might also Like

Discuss this Article

Soulfox
Post 2
@Melonlity -- There is an essential problem with risk analysis when it comes to banks or, indeed, any company that extends credit as a central part of its mission. Namely, allowing too much risk results in a lot of defaulting borrowers while assuming too little risk means credit is not available in such a manner that the company can turn a profit.

The trick of all creditors, then, is to find that balance. That is where the true debate is and has always been.

Melonlity
Post 1

The quantitative risk analysis issue seemed to come into play during every housing market crisis of the 20th and 21st century. The notion is that risk analysis gone awry leads to foreclosure, chaos and recessions.

The federal government and the mortgage industry have struggled with the "risk" aspect of that business for a couple of centuries now. Expect that to continue.

Post your comments

Post Anonymously

Login

username
password
forgot password?

Register

username
password
confirm
email