4815 results about "Risk assessment" patented technology

A privacy impact assessment is performed to determine and implement privacy requirements for any information resource that uses personal information. Data may be collected and analyzed regarding the information resource and the personal information, and applicable laws, regulations, and policies may be considered to determine privacy requirements. Such requirements may include, for example, access controls, information retention periods, systems requirements, and risk assessments.

In accordance with an embodiment of the present invention, a network system for monitoring driving behavior comprises one or more vehicle-mountable motion sensing mechanisms that generate a plurality of data relevant to vehicle moving attitude. The data being indicative of manual or mental risks for a vehicle operator is wirelessly transmittable. The network system also comprises a central data processing system that collects the data transmitted from the motion sensing mechanisms. A risk assessment engine operatively coupled to the central data processing system analyzes the collected data to determine the manual or mental risks. The central data processing system further comprises a feedback engine operable to yield indicia based on the analyzed data that is reportable to the vehicle operator or an authorized data recipient. A reward engine operatively coupled to the feedback engine provides incentives to encourage good or improved driving behavior.

Exemplary embodiments of the present invention provide a method of health insurance market risk assessment including receiving first data including demographic and cost data for members of a health insurance plan in a current market, receiving second data including demographic data for the current market, and receiving third data including demographic data for a new market. The first to third data are used to transform a distribution of the plan members to account for differences between the current and new market demographic data and to estimate probabilities of enrollment in the new market. A statistical model is learned to predict risk in the new market using the transformed distribution and the estimated probabilities. The statistical model is used to determine risk of entering the new market.

Managing a vendor may comprise identifying a product to be supplied to an entity. Risk elements associated with the product may be determined by performing a product category-driven risk assessment. A transaction level risk assessment is performed for one or more vendors proposed to supply the product to the entity. At least one management action is determined for reducing risk for a risk element of the plurality of risk elements associated with supplying the product to the entity by a selected vendor from a group comprising the one or more vendors proposed to the supply the product to the entity, wherein the at least one management action is determined according to results of the product category-driven risk assessment and the transaction level risk assessment for the selected entity. A vendor level quality plan for the selected vendor is created that comprises the at least one management action.

The present invention relates generally to the field of improvement in the driving risk assessment arts. More particularly, but not by way of limitation, the present invention generally relates to a method of rating the driving risks of individuals based on that driver's actual driving record as obtained from his or her fellow drivers.

An apparatus is provided for evaluating risk to an organization. The apparatus includes a plurality of governmental rules directed to protecting shareholders, a plurality of security domains of the organization wherein each security domain is associated with a different asset of the organization and a request for an information risk assessment within at least one of the plurality of security domains of the organization formed under the plurality of governmental rules from a set of initializing inputs. The apparatus further includes a information risk assessment plan formed from the request for the information risk assessment, a set of information assessment templates and test cases formed from the information risk assessment plan, a set of information risk assessment tests conducted on the IT system using the assessment templates and test cases, a set of test results generated by the risk assessment tests, one or more security control gaps identified by the assessment responses and one or more gap remediation plans formed from the identified security gaps.

A method for securing an IT (information technology) system using a set of methods for knowledge extraction, event detection, risk estimation and explanation for ranking cyber-alerts which includes a method to explain the relationship (or an attack pathway) from an entity (user or host) and an event context to another entity (a high-value resource) and an event context (attack or service failure).

Systems, methods, and program product to perform a cyber security risk assessment on a plurality of process control networks and systems comprising a plurality of primary network assets at an industrial process facility, are provided. An example of a system and program product can include an industrial and process control systems scanning module configured to identify networks and systems topology and to execute system and network security, vulnerability, virus, link congestion, node congestion analysis to thereby detect susceptibility to know threats to define potential vulnerabilities; a threats to vulnerabilities likelihood and consequences data repository module configured to determine a likelihood of each of a plurality of known threats exploiting identified vulnerabilities and to identify consequences of the exploitation to individual impacted systems and to overall plant operation; and a risk level evaluator module configured to determine a risk level rating for any identified vulnerabilities and provide recommended corrective actions.

The invention relates to a method for evaluating the security situation of a network and a system thereof. The system has a two-surface three-level framework and is provided with a public service surface and a service management surface for executing uniform coordinated management on each functional module of the system; according to a service logic processing flow, the system is divided into three levels: an acquisition level, an analysis level and an exhibition level for completing four evaluating operations of assets, frangibility, threat and security situation; the invention is based on the characteristic of service operation in the network, combines the prior risk evaluation method, the prior flow and the prior security detection tool and provides a set of a novel dynamic real-time evaluation method. The system can analyze the assets and service of the network and the risk of the whole network and carries out the evaluation of the security situation. The system can provide the security state of the whole network in macroscopy, can deepen to specific service and assets and know the specific security problem, thereby effectively helping network security personnel to analyze the root of the security problem and assisting to provide a security solution proposal and implement a defense measure.

An apparatus, program product and method track the location of a vehicle during at least a portion of a period of the time associated with an economic transaction so that risks associated with the actual usage of the vehicle can be accommodated in the costs for the transaction. In particular, a determination is made during a time period associated with an economic transaction as to whether the vehicle is located at a location having an increased level of risk. Costs for the economic transaction are then adjusted based at least in part on the presence of the vehicle in a location with an increased level of risk. In one exemplary environment, car rental rates are adjusted based upon the actual usage of a rented vehicle. In another exemplary environment, insurance premiums are adjusted based upon the actual usage of an insured vehicle. In either event, usage that results in a vehicle being located in areas of comparatively higher risk can be accounted for in additional transactional costs, resulting in improved allocation of risk and minimization of economic inefficiencies.

A computer implemented method, apparatus, and computer usable program product for managing a level of marketing disincentives directed towards a customer using a risk assessment score. In one embodiment, a risk assessment score for a customer associated with a retail facility is retrieved. The risk assessment score is analyzed to determine whether the customer is a desirable customer or an undesirable customer. In response to the risk assessment score indicating that the customer is an undesirable customer, aggressive marketing disincentives targeted to the undesirable customer are generated. If the risk assessment score indicates the customer is a desirable customer, marketing incentives targeted to the desirable customer are generated.

A computer-implemented method and system for assessing the overall risk in at least part of an information technology system includes inputting into a risk assessment database a plurality of identified risks in a system; associating the risks to at least one severity band in a risk echelon; assigning a value to each risk; multiplying each risk value by a coefficient factor; and summing the factored risk values to determine the overall risk. The method preferably includes modifying the security implementation of the information technology system and determining the modified overall risk. The system preferably includes an automated vulnerability detection scanner to gather risk information, which is stored on a database and used in calculating the overall risk.

Systems, apparatuses, and methods for determining if a Merchant should be provided transaction processing services by an Acquirer and/or continue to be provided such services by the Acquirer. In one embodiment, the inventive system and methods permit a more accurate and reliable determination of the risk to an Acquirer presented by a Merchant, based on a risk assessment engine and the described set of data sources.

The invention includes systems and methods for facilitating risk assessment for point of sale transactions utilizing at least one risk triggering value (RTV) stored within a distributed (e.g., local and/or regional) processing site. An RTV is a condensed version of a set of complex risk data and strategies usually found in central processing sites. The distributed site, after receiving a request for payment authorization, a risk value is calculated for the request. The distributed processing site compares the risk value to the RTV to determine whether to authorize payment. If the risk value is less than or equal to the RTV, the payment is authorized while a risk value greater than the RTV will not be authorized. After one or more authorizations, the distributed processing site forwards the information from the transaction(s) to the central site, wherein the central site calculates a new RTV for the account and distributes the new RTV to the distributed processing site.