4831 results about "Risk assessment" patented technology

A system provides audit opinions on an enterprise's organizations, processes, risks, and risk controls. The system first evaluates the enterprise's set of risk controls. The audit opinions of the set of risk controls are used to evaluate the set of risks associated with the set of risk controls. The audit opinions of the set of risks and of the set of risk controls are in turn used to evaluate the set of processes associated with the set of risks. Finally, all of these audit opinions are used to evaluate the set of organizations associated with the set of processes. The system streamlines the evaluation of risk by determining suggested audit opinions. Suggested audit opinions for a given item can be determined from audit opinions previously determined and associated with the given item. Rules can be defined for a given item to specify how to determine the suggested audit result.

A computer-assisted system, medium and method of providing a risk assessment of a target system. The method includes providing one or more test requirements categories, associating one or more first data elements with each requirements category, associating one or more second data elements with a degree of exposure of the target system to the one or more threats, comparing the first data elements to the second data elements to determine, based on predetermined rules, composite data elements for each requirements category; and selecting, based upon predetermined rules, a level of risk of the composite data elements as a baseline risk level for each requirements category.

Systems, methods, and program product to perform a cyber security risk assessment on a plurality of process control networks and systems comprising a plurality of primary network assets at an industrial process facility, are provided. An example of a system and program product can include an industrial and process control systems scanning module configured to identify networks and systems topology and to execute system and network security, vulnerability, virus, link congestion, node congestion analysis to thereby detect susceptibility to know threats to define potential vulnerabilities; a threats to vulnerabilities likelihood and consequences data repository module configured to determine a likelihood of each of a plurality of known threats exploiting identified vulnerabilities and to identify consequences of the exploitation to individual impacted systems and to overall plant operation; and a risk level evaluator module configured to determine a risk level rating for any identified vulnerabilities and provide recommended corrective actions.

A privacy impact assessment is performed to determine and implement privacy requirements for any information resource that uses personal information. Data may be collected and analyzed regarding the information resource and the personal information, and applicable laws, regulations, and policies may be considered to determine privacy requirements. Such requirements may include, for example, access controls, information retention periods, systems requirements, and risk assessments.

An automated method, system, device, and / or computer program for performing risk assessment for an information system. A risk assessment tool can receive a scenario for which to perform a risk assessment. A contextual data model and a set of data instances for the information system can be accessed. The contextual data model can define relationships between physical and logical assets of the information system. The contextual data model and set of data instances can be analyzed in relation to the scenario. An action plan can be generated that addresses the scenario.

Systems, program product, and methods related to dynamic Internet security and risk assessment and management, are provided. For example, a system, program product, and method of identifying and servicing actual customer requests to a defended or protected computer or server can include the steps / operations of receiving by the defended computer, a service request from each of a plurality of IP addresses associated with a separate one of a plurality of service requesting computers, sending an inspection code adapted to perform a virtual attack on each existing service requesting computers at each respective associated IP address, and restricting provision of services from the defended computer to a subset of the service requesting computers identified for restriction when a security feature of the respective service requesting computer is determined to have been defeated by the virtual attack.

The present invention is directed to a business method in the field of automobile insurance, more specifically, a system and method of determining an objective driver score that may be used universally by independent insurers to evaluate the risk of insuring a driver by employing certain risk assessment factors concerning the driver's personal history which are each analyzed to derive weighted scores. Each driver is provided with a portable pin with an electronic key unique to the driver that is encoded for selective activation of a monitoring unit in a vehicle such that solely the activities of the driver being assessed is recorded and communicated to an evaluation center. Once activated, the monitoring unit records and generates the driver's risk assessment record based on the driver's operation of a vehicle equipped with the monitoring unit, as well as other variable parameters concerning operation of the vehicle. Said driver's risk assessment record is analyzed to derive a weighted driver risk assessment score that is aggregated with the individual weighted scores derived from the risk assessment factors to generate an objective driver score.

Systems and methods for managing a multi-region data incident are provided herein. Example methods include receiving, via a risk assessment server, in response to an occurrence of the data incident, data incident data that including information corresponding to the data incident, wherein the data incident has a plurality of facets with each facet having any of unique and overlapping set of privacy data and media type and associated risk factors requiring facet specific incident risk assessment, automatically generating, via the risk assessment server, a risk assessment and decision-support guidance whether the facet is reportable, from a comparison of the facet to privacy rules, the privacy rules define requirements associated with data incident notification obligations, and providing, via the risk assessment server, the risk assessment to a display device that selectively couples with the risk assessment server.

An apparatus, program product and method track the location of a vehicle during at least a portion of a period of the time associated with an economic transaction so that risks associated with the actual usage of the vehicle can be accommodated in the costs for the transaction. In particular, a determination is made during a time period associated with an economic transaction as to whether the vehicle is located at a location having an increased level of risk. Costs for the economic transaction are then adjusted based at least in part on the presence of the vehicle in a location with an increased level of risk. In one exemplary environment, car rental rates are adjusted based upon the actual usage of a rented vehicle. In another exemplary environment, insurance premiums are adjusted based upon the actual usage of an insured vehicle. In either event, usage that results in a vehicle being located in areas of comparatively higher risk can be accounted for in additional transactional costs, resulting in improved allocation of risk and minimization of economic inefficiencies.

A Driver Risk Assessment System and Method Having Calibrating Automatic Event Scoring is disclosed. The system and method provide robust and reliable event scoring and reporting, while also optimizing data transmission bandwidth. The system includes onboard vehicular driving event detectors that record data related to detected driving events and selectively store or transfer data related to said detected driving events. If elected, the onboard vehicular system will score a detected driving event, compare the local score to historical values previously stored within the onboard system, and upload selective data or data types to a remote server or user if the system concludes that a serious driving event has occurred. Importantly, the onboard event scoring system, if enabled, will continuously evolve and improve in its reliability by being periodically re-calibrated with the ongoing reliability results of manual human review of automated predictive event reports. The system may further respond to independent user requests by transferring select data to said user at a variety of locations and formats.

Systems and methods for identifying, evaluating, and accounting for effects of authorized user trade lines are disclosed. The systems and methods incorporate use of credit characteristics that describe the nature of authorized user trade lines on a credit file or across credit files, and the influence of those authorized user relationships relative to the non-authorized user trade lines on the credit file in the evaluation of credit risk. Systems and methods incorporating these credit characteristics can be used in identifying any bias in perceived credit risk, in the evaluation of credit risk, or other credit-related evaluation.