The presentation on the topic ‘Deterministic versus Probabilistic Risk in IT Risk Management’ seeks to examine the idea of risk assessment and management as it relates to operations within an information technology environment. The presentation focuses on Wells Fargo Bank as a financial institution that finds itself needing risk assessment as a way of improving overall capacity to deliver on its set out financial objectives. Specifically, the presentation embarks on an in-depth analysis of the different risk analysis and assessment models and methods used as part of ensuring organizations are able to deal with underlying risks. Firstly, the presentation reflects on the use of the Monte Carlo risk assessment model, which is seen as a model that seeks to evaluate risks based on the different scenarios to get a clear understanding of the impacts. The presentation has provided a structured analysis of this risk assessment model while reflecting on the possible outcomes touching on the process of risk assessment.
From the presentation, what is clear is that the use of the Monte Carlo model helps towards quantifying risks with the intention being towards maximizing on set out expectations while dealing with possible outcomes. In overall, this means that the Monte Carlo model has an inherent ability to offer the best possible solution when embarking on risk assessment to achieve uttermost outcomes in dealing with possible risks (Greenland, 2001). Secondly, the presentation has provided a clear analysis of deterministic risk assessment method, which is a method that evaluates risks from a single point of view. In the case of Well Fargo Bank, the use of deterministic risk assessment method would be essential in maximizing on its approaches towards viewing different risks individually. That means that organizations using this method would be limited to reflecting on risks from a limited perspective.
Delegate your assignment to our experts and they will do the rest.
The use of the deterministic risk assessment method is seen as an effective approach to risk management considering that it not only allows for evaluation of risks but also reflects on the possibility of implementing viable solutions (Kirschen, 2007). Lastly, the presentation has also provided an analysis of probabilistic risk assessment method, which is a method that evaluates all possible scenarios when dealing with an underlying risk. Wells Fargo Bank is much more likely to take advantage of this risk assessment method reflecting on the fact that it would allow for valuation of risks depending on their expected outcomes. The use of this method helps in creating best possible simulations that would be of value in ensuring that organizations adopt the best possible approaches towards dealing with the expected risks (Modarres, 2016).
On the other hand, the presentation has also evaluated how the NIST risk management framework 3-tiers ensures information security. From the information gathered, it is clear that the use of this framework allows for a holistic and comprehensive process through which to capitalize on risk management. Wells Fargo may use the NIST risk management framework with the focus being towards evaluating individual risks from the perspective of the 3 tiers to help find solutions. On the question of how data and information systems are categorized, the presentation reflects on these systems from the perspective of the usage of information stored. The two main categorizes identified are operations and management support systems with each of these systems being considered as being essential towards capitalizing on set out standards in terms of information stored.
References
Greenland, S. (2001). Sensitivity analysis, Monte Carlo risk analysis, and Bayesian uncertainty assessment. Risk Analysis , 21 (4), 579-584.
Kirschen, D. S., & Jayaweera, D. (2007). Comparison of risk-based and deterministic security assessments. IET Generation, Transmission & Distribution , 1 (4), 527-533.
Modarres, M. (2016). Risk analysis in engineering: techniques, tools, and trends . CRC Press.
