Risk analysis in cost planning and its effect on efficiency in capital cost budgeting

Builds on earlier work which reported on the experience of the Hong Kong Government in using risk analysis techniques in capital cost estimating. In 1993 the Hong Kong Government implemented a methodology for capital cost estimating using risk analysis (ERA) in its public works planning. This calculated amount replaces the pre-1993 contingency allowance, which was merely a percentage addition on top of the base estimate of a project. Adopts a team approach to identify, classify and cost the uncertainties associated with a project. The sum of the average risk allowance for the identified risk events thus becomes the contingency. A study of the effect of ERA was carried out to compare the variability and consistency of the contingency estimates between non-ERA and ERA projects. The preliminary results of a survey showed a highly significant difference in variation and consistency between these groups. This analysis indicates the successful use of the ERA method for public works projects to reduce unnecessary and  exaggerated allowance for risk. However, the contingency allowance for ERA projects was also considered high. Adds data from the UK with descriptions of 41 private sector projects which fall into the non-ERA category and reflect better performance in the determining of contingency allowances.

A risk analysis model to reduce computer security risks among healthcare organizations

The paper describes the on-going development of a new computer-based security risk analysis methodology that may be used to determine the computer security requirements of medical computer systems. The methodology has been developed for use within healthcare, with particular emphasis placed upon protecting medical information systems. The paper goes on to describe some of the problems with existing automated risk analysis systems, and how the ODESSA system may overcome the majority of these problems. Examples of security scenarios are also presented.

The case for pre-mediation caucusing and a written risk analysis: an arranged marriage can be tempting.

This paper formed the basis of a presentation to the Law Institute, Victoria, on 11 November 2002. The motivation for this paper has come from the recent writings of Laurence Boulle/. J. H. Wade4. and Gegorio Billikopf-Eucina5 • In addition to the acumen contained in the writings of the three authors above, this paper is laced with assertions and anecdotal evidence derived from the authors' experience in a variety of negotiation and mediation settings.

A conceptual approach to information warfare : security risk analysis

With information warfare (IW) becoming a reality, the need for a new security methodology to deal with the new and unique attack threats and vulnerabilities associated with the new information technology security paradigm. With the shift from computer security to information warfare, logical transformation models (LTMS) were looked at as a solution to quantifying information system requirements. The paper will introduce the concepts involved with fourth generational models and it's application to IW. The basic advantages and disadvantages will also be discussed and presented.

CIIP-RAM - a step-wise security risk analysis methodology for critical information infrastructure protection

Wilh the protection of critical information infrastructure becoming a priority for all levels of management. there is a need for a new security methodology to deal with the new and unique attack threats and vulnerabilities associated with the new information technology security paradigm. The fourth generation security risk analysis melhod which copes wilh the shift from computer/information security to critical information iinfrastructure protectionl is lhe next step toward handling security risk at all levels. The paper will present the methodology of
fourth generation models and their application to critical information infrastructure protection and the associated advantagess of this methodology.

A risk analysis approach to critical information infrastructure protection

Critical Information Infrastructure (CII) has become a priority for all levels of management, It is one of the key components of efficient business and business continuity plans. There is a need for a new security methodology to deal with the new and unique attack threats and vulnerabilities associated with the new information technology security paradigm. Critical Information Infrastructure Protection - Risk Analysis Methodology
(ClIP-RAM), is a new security risk analysis method which copes with the shift from computer/information security to critical information infrastructure protection. This type of methodology is the next step toward handling information technology security risk at all levels from upper management information security down to firewall configurations. The paper will present the methodology of the new techniques and their application to critical information infrastructure protection. The associated advantages of this methodology will also be discussed.

Rock slope risk analysis based on non-linear failure criterion

The probability of failure of a rock slope is generally estimated by using the Limit Equilibrium Method (LEM) in conjunction with a reliability analysis. Although the LEM is relatively simple and time efficient, recent studies have indicated that using the LEM may overestimate the factor of safety by 21%, when based on a non-linear failure criterion. Fortunately, the solutions presented by Li et al. (2008, 2009) can provide more accurate evaluations for rock slope stability as the numerical upper and lower bound limit analysis methods (2002a, 2002b, 2005) were employed. The advantages of these methods are used in this study to assess the rock slope probability of failure. The motivation is that with more accurate methods to evaluate the factor of safety, more economic designs can be performed.