Social Engineering Essay

338 WordsApr 5, 20132 Pages
or disruption takes place until mitigation and restoration actions have been completed. In some cases it can be more suitable to concentrate on resources to abort an ongoing disruption, rather than using the resources to prevent that the disruption takes place. Hence, the major difference between the risk and the vulnerability analysis is that the latter focuses on the whole disruption period until a new stable situation is obtained. Consequently, we add a fourth question, which involves analysis of resources and strategies for mitigation, recovery and restart: iv) How can the system function be recovered after a disruption? A typical situation when analyzing risk in technical systems is that we have few data of accidents or disturbances with severe consequences. Hence, it is seldom possible to use ordinary statistical methods to estimate the risk. Sometimes, useful information can be obtained from incidents (or precursors). However, in many situations, especially when we are dealing with new technologies or new systems, no severe accidents have yet occurred. We therefore have to use theoretical (logical) models and/or experts’ opinions. Thus, we can discern three principal ways to estimate the probability, or likelihood, that a certain event (disturbance) will occur (Holmgren & Thedéen, 2003): • Ordinary statistical analysis of empirical accident or incident data, e.g. analysis of traffic or workplace accidents. • Theoretical (mathematical) modeling of the technical systems in combination with empirical data for components, e.g. probabilistic safety analysis (PSA) in the nuclear and process industries. • Expert judgments, e.g. within the qualitative engineering risk analysis methods. Expert judgments can be collected through more or less formalized methods, e.g. through interviews or surveys. Empirical data can also be combined with expert

More about Social Engineering Essay

Open Document