The Method of Determination of the Risk - Essay Example

The Language of Security In an organization, the success is defined by the capability of the different parts of the system to be able to achieve the main purpose, mission and vision that is set in the establishment of such organization. In the proper functioning of the system then, the synergy of the different parts can then be considered as the main cause of the attainment of every goal. For that matter, the functioning of the different parts and the act and force of unity can then be considered as the vital role within the system. Included in the main mission of the company is the maintenance and security of the system for the achievement of the goal (Miner, 2002). In that case every part has an important function. Included in the said function is the security of the system. The said function can be considered as a superseding role wherein every division and component of the system requires the application of the established security mechanism. The function of the security system then is to work in synergy with the different components of the organization. One of the main concern that can be considered as the basis for the initiative of the study undertaken is the query regarding the conflict between the language of security and the other areas of the organization. If the said concern holds true, the main role of a security system is forfeited since there is a failure in application of the said mechanism for security. The organization, then, remains to be susceptible to different attacks and problems in security. Risk Management In the scenario that the organization becomes endangered to attacks, the situational measures are needed to be undertaken. Incorporated in the said measures are the possible ways to access and resolve cases of organizational. Risk management is the main process that can be considered as the main strategy of the organizations and companies to be able to achieve and maintain security in the systems. Commonly, the process contains planning and then implementation. Also in cases wherein problems may arise, contingency plans can be utilized. The security measures undertaken and can be considered incorporated in the methods of risk management is perceived to safeguard the financial stability of an organization. The establishment of such divisions in an organization started as an action to be able to prepare the system against dangers on the financial status of the organization. In the process that can be considered of equal importance as the establishment of contingency methods, the determination of the value at risk is vital (Culp, 2001) The value at risk can be considered a main concern prior to the risk management itself. The method of determination of the risk that can be undertaken by the organization can be considered vital on the basis that the problems that can be faced by the company can be estimated. There are important processes that are incorporated in the determination of the possible risks in an organization as well as the management and contingency plans. The main target of such process includes issues such as possible conflicts between shareholders, the cooperation of the creditors and the managers of the different divisions and departments within the organization itself (Culp, 2001; Jones and Ashenden, 2005). Based on the concepts and notions regarding risk management, it can then be perceived that the role of the said system cannot be separated from the main functioning of the organization. In terms of the notion that conflicts can arise in the security systems of an organization as well as the functions of the other divisions within the organization, actions to resolve such situations are needed to be prepared. Being in a successful risk management system can be equated to acquiring a balance in the different systems. In perceiving the rules of the security system then, it is vital that there is knowledge of the processes occurring in other subdivisions in the organization. It can then be considered as a multidisciplinary system with responsibility over the whole organization (Jones and Ashenden, 2005). To generalize the main role of the risk management, then, it can be perceived to mainly target the security of the whole system. This can be attributed to the fact that bridge of information in any division and department within the organization can have detrimental effects to the functioning of the whole system. For that matter, the risks of possible failures in the security of the organization is the main issue that security systems are preparing for. Thus, different departments are well studied and different resolutions for possible cases of security bridges are planned. The Vital Role of the Security System The most important component of risk management is the security system. It was perceived that as the risk assessment of security systems is concluded in the ultimate focus is commonly regarding the security of the information. Due to the said results, in terms of the risk management in an organization, the major attention is given to the safeguarding of the classified information of the company. This notion can also be related to the fact that information technology takes the front seat in the most important technologies. This explicitly can be attributed to the fact that classified information can be a power, thus a target of groups that aim to access power over the organization (Jones and Ashenden, 2005). Upon the determination then of the main and vital role of the establishment of a security system, it can be perceived and generalize that at any level and subdivision of the organization, securing the systems can be equated to securing important and classified information that can be of importance to the functioning of the whole system and organization. For that matter, the pressing function of the risk managers and security system of an organization then is to be able to establishment of an information and communication system with an exclusivity that cannot be accessed by the externals environment. In the determination of the vital role of the security system, a new challenge had risen. This is the establishment of a communication system within the organization that can clearly make communication efficient, yet with safety precautions and exclusivity from components outside the system. Aside from the issue that necessitates the incorporation of the advance information technology, the main concern then in the application and utilization of a security system is the capability to be incorporated to the other subdivisions and units in the organization. This is the main concern due to the fact that if the synergy and unity of every components of a system is not achieved, the main definition of an organization of having a single mission and vision is lost. The ultimate idea that cab be achieved in the determination of the vital role of the security system is the importance of securing the information system of the company. It can then be expressed that communication is of has an important role in the achievement of the goals of the organization and the maintenance of a secured information system. Communication and Its Role in the Security System Due to the important role that can be pointed out in the application of a communication system, the vitality of communication in an organization can then be perceived. Upon in depth examination of the possible roles of communication in the security and risk management system, it can be perceived that communication has different modes of application. An organization has core processes and other processes that can be considered non-core but administrative processes. Both situations require the application of an effective communication tool. The core processes can be considered to work for the main goals and ends of the company. For example, if a company is a profitable manufacturer of a particular product, the core processes can be considered as the main operational procedures that incorporates the ways, means and phases in the production of the particular product. On the other hand, the processes that can be considered as non-core processes are the administrative requirements that are vital to be able to progress to the core processes such as security and environmental requirements (Jones and Ashenden, 2005; The Alliance for Enterprise Security Risk Management, 2005). The core processes and the administrative processes require the application of a communication system individually. This can be attributed to the fact that the establishment of security systems are considered non-core processes but can be considered vital for the functioning of the whole system and the attainment of the goals of the organization. Based on application, the communication process in an organization can then be classified on the basis of the function. One is the communication process or language that is used by the security system to be able to reach out to the other components of the organization. This can be considered vital on the basis of different reasons. One is to be able to convey the methods and techniques that are needed to be undertaken in the risk management and security language. Another is to be able to warrant cooperation of the different units and members of the organization (Jones and Ashenden, 2005). Application of Communication In the determination of the main application of communication in the security systems and the risk management, it can be referred to as the language of security. This can be attributed to the fact that in spite of the conflicts that can arise in terms of understanding and application of the system, maximization can still be achieved if the proper instructions can be provided. Also the willingness of the different units of an organization to apply different and modern techniques is also vital. In terms of such cases wherein the new acquired knowledge and method can still be considered as technical, it is important for the whole organization to be able to understand the activities that are needed to be undertaken. In a large organization that can be considered to have complex operational systems, security systems are made for every units and subdivisions to be able to maximize the security process and the risk management procedures. In terms of the workflow then to be able to transfer and access of information from the organization and also within, needs to consider a number of security systems (Ribeiro and Guedes, 1999) The main role of communication facility in security systems then is to be able to lessen the load and difficulties in terms of the exchange of information between the two systems (Culp, 2001; Jones and Ashenden, 2005). The communication tool can be considered as a system that can secure information system. One of the examples that can be sited as a means of communication and language of security is the Workflow Process Definition Language, also referred to as WPDL (Ribeiro and Guedes, 1999). A complete communication system is composed of the message relayed, the source, the destination and the verification system that determines and tool to authenticate the message To be able to achieve the main goal of communication and security systems it is important to consider different perspectives of different groups of people specifically those included in the system due to the fact that reaching out to them can improve the system. Another is the consideration of the different processes in the system as well as the technology applied both as present and those that are new technologies than can be incorporated. It can then be considered that communication is the totality of different methods undertaken to be able to achieve the security required from the system. Communication means security within the system and in the units that are needed to be connected into (The Alliance for Enterprise Security Risk Management, 2005). Due to the fact that security systems are based on information and computer technology, the breaches commonly take place through the network itself. In that case, contingencies incorporate physical and virtual aspects. There are different computer viruses that can be given as example in terms of causes of security breaches but it is important to consider the fact that communication and proper interaction between units in a system can prevent such occurrence. This is vital since the reputation and the financial status of the company is commonly at risk. The need for continuously improving communication tool in a security system can be considered to have increasing urgency on the basis of certain imperatives. One of these imperatives is the continuously improving “enterprise ecosystem”, which pertains to the continuously improving system of business transactions that require increasing capabilities in terms of communication tools. One example of the new method in organizational behaviour is the force of outsourcing that continuous to increase in necessity. Another reason is the increasing need for the physical information to be stored in terms of information language. The said imperative can be considered part of the continuous effects of information technology, which although convenient increases the susceptibility of the information to security breaches. In terms of the continuous improvement of technology, another concern in the establishment of security systems are the technologies that can be used for multiple functions. In an advance state, such technology can function for multitasking thus increasing the danger for security breaches. Due to the continuously changing way of administering the processes of an organization policies are also improved. In this case, internal policies can take time and energy to be able to achieve a level of ease needed by the organization. On the other hand, external policies can hinder the capability of the organization to communicate with the system. Lastly, the cost is also important on the basis that every organization needs to estimate cost-efficiency on the basis of practicality in the management of the whole body. Conclusion Based on the study undertaken, security of the system does not directly adhere to the principles of profitability but curve an independent path that secures the financial status of the organization. For that matter, although a company ultimately targets profitability, security is a non-core process priority due to the fact that failure to maintain security within the organization is detrimental. Conflict in terms of communication between the security system and other units of the organization can be considered to be the difficulties in conveying the message on the basis of technical reasons. But other than that, the unity in maintaining the security and the safety within the organization is the main target of every units of the system. Thus, the main action that can be undertaken is to increase the effort for understanding within the organization to increase the level of unity and security. References Culp, C. L. (2001) The Risk Management Process: Business Strategy and Tactics. New York: Wiley. Gelles, M. G. and Turner, J. T. (2003) Threat Assessment: A Risk Management Approach. Haworth Press. Jones, A. and Ashenden, D. (2005). Risk Management for Computer Security: Protecting Your Network and Information Assets. Elsevier. Miner, J. B. (2002) Organizational Behavior: Foundations, Theories, and Analyses. New York: Oxford University Press. Ribeiro, C. and Guedes, P. (1999) Verifying Workflow Processes against Organization Security Policies. In IEEE 8th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises. The Alliance for Enterprise Security Risk Management (2005) Convergence of Enterprise Security Organizations. Booz-Allen-Hamilton. Read More