ERM-Wiki - Week 4 responses

Risk Evaluation Tools Amundrud, Aven, & Flage (2017) argues that security experts understand risks by assessing three elements. The elements are assets, threats, and vulnerabilities. Therefore, several authors introduce different concepts regarding the definition of risks. For example, some claim that is the function of the three factors. However, some introduce mathematical connotations to determine risks in a given scenario. They argue that it is the product of assets, threats, and vulnerability. Nevertheless, it is not astonishing to discover that some ignore the aspect of assets under exposure risks. They determine the interaction between threat, vulnerability, and consequence (Amundrud et al. 2017). The inference shows that the impact of the threat is more crucial than the assets under risk of exposure. The presence of mathematical formula does not reduce the uncertainty of risks. The final output from the formula might exceed or be less than the actual value. Therefore, I selected Aven (2016) article because it coined the value of probability as a risk evaluation tool. The assessment offers an imprecise interval of the threats the firms are facings. It basis its arguments on theories to prove the possibility of the threats (Aven, 2016). However, it does not guarantee the exact value of the risks. I was also attracted to the definitions of risks that the study offered. The definitions are essential in determining the appropriate tool for risk evaluations. One of the definitions argued that risks represent the likelihood of an unfortunate event. Another focused on the likelihood of an unwanted and destructive event. Moreover, the researchers have to investigate the likely consequence of the events (Aven, 2016). They should also consider the uncertainties associated with each event.