ARL Logo
Risky Thinking
– On Risk Assessment, Risk Management, and Business Continuity
  
Home / Essays & Articles / The Archive 22 March, 2010
Risky Thinking
Home Page
BCP Training & Seminars
BCP Consulting
BCP Software
Risk/BCP Articles
Newsletter
Risky Blog
Risk/BCP Glossary
BCP Tools
Risk Resources
Older Articles
Article RSS Feed
About Us
Michael Z. Bell
Contact Info


 

 

Threat Analysis and Risk Management Essay Archive

Here are some of the older essays and articles on Risk Analysis, Threat Analysis, and Risk Management that you may have missed:

  • 100% Uptime Anybody?  (December 2004)

    Online service providers make extravagant claims about the availability of their services. But what does 100% uptime mean? And how much is it worth? (Full Text)

  • A Tale of Two Risk Management Decisions  (October 2004)

    Two of us looked at an event and made similar estimates of the likelihood of it recurring. However, one of us chose to accept the risk; the other, chose to mitigate it. Which of us was right? (Full Text)

  • Another Country  (February 2005)

    In different countries, different rules apply. Yet we tend to think that everywhere people are like us and that our own rules apply. Unless we are careful, this can lead us to assume some unexpected risks. (Full Text)

  • Business Continuity During a Recession  (April 2009)

    The world economic crisis is having an impact on business continuity, disaster recovery, and risk management. But there are some opportunities among the darkening clouds... (Full Text)

  • Changed a Light Bulb Recently?  (April 2005)

    Disruptive technologies can change what a company has to make and do to stay in business. Even the humble light bulb is undergoing some major changes. (Full Text)

  • Crime and Technology  (May 2005)

    Why doesn't the technology of crime match what we see in the Hollywood movies? Some advanced criminal technology exists, but it's all a question of economics... (Full Text)

  • Does Pure Risk Exist in Business?  (January 2005)

    Risk text books always used to begin with a section explaining the distinction between pure risk and speculative risk. But is there really such a thing as pure risk in business? (Full Text)

  • Double or Lose?  (March 2005)

    Games provide useful analogies for many aspects of life. Is there a game which offers good analogies for risk management? (Full Text)

  • Email Identity Theft  (February 2006)

    If you're in business, your email address is going to be forged. Perhaps for phishing, but more likely by spammers. What can you do? (An updated version of one our most popular articles) (Full Text)

  • GroupThink  (December 2004)

    The buzzword may have vanished, but the phenomenon is still very much alive in organizations and every day life. Where can we see GroupThink? And how can we deal with it? (Full Text)

  • How far away should a hot site or mirror site be?  (February 2008)

    A question that is often asked when designing a disaster recovery plan is how far away a hot site or mirror site should be. Is there a simple answer? (Full Text)

  • How Many Business Continuity Plans Do You Need?  (February 2007)

    You have a main office and several branch offices. Should you have one big plan, or one for each office? (Full Text)

  • How Much is a Business Continuity Plan Worth (Part 1)  (January 2006)

    A radio station's phone-in game can give some insights into that tricky question: just how do you calculate the ROI on a Business Continuity Plan? (Full Text)

  • How Much is a Business Continuity Plan Worth (Part 2)  (June 2006)

    In Part 1 of this article we suggested that much could be learned about the value of a Business Continuity Plan by examining the optimal strategy for a radio show's call-in game. In this second part we build upon this by answering the question "How much is a Business Continuity Plan Worth?". (Full Text)

  • How Much is a Business Continuity Plan Worth (Part 3)  (January 2007)

    In parts 1 and 2 I proposed a method of valuing a company's Business Continuity Program. Here's (possibly) where I went wrong... (Full Text)

  • How To Put Yourself Off Dinner  (November 2004)

    A fast-food restaurant is not a good place for a discussion on risks. Common industry practices can amplify otherwise miniscule risks, and the restaurant owner may well be the victim of the risk management practices of his suppliers. (Full Text)

  • In Business Continuity, Size Matters  (January 2007)

    On a forum somewhere in cyberspace, a poster lamented attending a lecture on business continuity. Her impression was that it was just backup. It isn't, but why might she have been given the wrong impression? (Full Text)

  • Is it (fire) safe?  (June 2005)

    If you put your backup tapes in a fire safe you probably think it will protect them from fire. But that isn't always the case... (Full Text)

  • It's Enough To Put Yourself Off Lunch  (November 2004)

    Fast food restaurants face special risks, some of which are not completely under their own control. In particular, a supplier with a massive positive feedback loop can cause things to go wrong, as the mad cow case demonstrates. (Full Text)

  • Key People Never Die  (March 2005)

    When does key person insurance make sense? A look at some of the reasons why Key Person insurance is not always a good risk management strategy. (Full Text)

  • Lessons from Hurricane Katrina  (September 2005)

    Watching the news coverage of hurricane Katrina has been like watching a Greek tragedy as forces beyond human control push events toward their inevitable conclusions. The play is unfinished. We know that more horrors have yet to be revealed. But what lesson, if any, can we learn from Katrina? (Full Text)

  • Looking for Lessons from Mumbai  (January 2009)

    The tragic events in Mumbai are rapidly disappearing over the world's news event horizon. Often the only positive feature of any tragedy is to ask what lessons can be learned from it. What lessons can be learned by business continuity planners from the terrorist attacks in Mumbai? (Full Text)

  • No More Cheap Shots!  (January 2005)

    Video surveillance is undergoing a digital revolution, yet the newspapers still show blurred pictures of unrecognizable supsects. Is the quality of your CCTV system a risk? (Full Text)

  • Of Backups and Bare Metal Restore  (February 2010)

    Your data’s safe, isn’t it? If a disaster happened, you could simply buy new computers, restore from backups, and continue working. Or could you? Welcome to Michael Z. Bell’s First Rule of Real World Backups: backups don’t exist unless you test them. (Full Text)

  • Of Tomatoes, Traceability, and Terrorism  (September 2008)

    It hasn't been a good summer for the food industry in North America, with major outbreaks of Salmonellosis and Listeriosis. What can we learn from these even if we aren't in the food industry? (Full Text)

  • On Eggs and Baskets  (May 2005)

    It's common advice to not put all your eggs in one basket, but does that mean it's always the right thing to do? (Full Text)

  • On the difference between Wide Area and Local Area Disasters  (November 2005)

    Hurricane Katrina reminded us that there are major differences between a local disaster and a wide area disaster. Just what are they? It's time to make a list. (Full Text)

  • Phishing for Customers  (February 2005)

    Phishing seeks to dupe your customers into disclosing account details and passwords. It's a new twist on an old crime. But what can your company do to fight the phishing menace? (Full Text)

  • Political Risk and Economics  (October 2004)

    Politics mostly consists of making policy decisions which benefit one group of people at the expense of another. How do you keep a check on policies which will affect you without spending too much time and effort on the process? (Full Text)

  • Putting Your Plan Where It Counts  (November 2008)

    Is your business continuity plan just gathering dust on a shelf somewhere? There are various places parts of your plan should be. (Full Text)

  • Should It Be In The Plan?  (February 2007)

    A question which confuses many people is whether a document, data, or procedure should be included in the business continuity or disaster recovery plan, or should it simply be referenced by it. As so often is the case, it's a trade-off... (Full Text)

  • Supplier Risk and Brand China  (September 2007)

    Recently there has been a spate of recalls involving Chinese goods. Is there something wrong with goods made in China? If you source components or products in China should you be worried? And what should you do? (Full Text)

  • The 2009 Pandemic Flu: A Premature Retrospective  (July 2009)

    We may have been lucky once again. The H1N1 / Swine flu epidemic which was first reported in Mexico in 2009 hasn't proved as deadly as early reports suggested it might be. It's influenza. It's a pandemic. It will kill a lot of people over the next three years. But it doesn't look like it will be anywhere near as deadly as the flu pandemic of 1918. It looks like it is another near miss, which means that we may have the chance to learn some lessons from the current outbreak... (Full Text)

  • Time To Get Out? Building Evacuation in Terrorist Times  (July 2005)

    The closest most companies are likely to come to a terrorist attack is responding to a bomb threat or evacuating a building. It sounds easy, but do you know how to do it right? (Full Text)

  • Two (or more) Types of Emergency Notification System  (August 2008)

    I was sitting in a meeting listening to a sales presentation on an Emergency Notification System. The client needed an Emergency Notification System. This wasn't what the client needed. What went wrong? (Full Text)

  • What Do Emergent Risks Do Next?  (June 2005)

    Can you study emergent risks? And what can you say about them? (Full Text)

  • When Bollywood Meets Business Continuity  (August 2006)

    What's the connection between the death (through natural causes) of a 77 year old Indian film star and business continuity? Read on... (Full Text)

  • Y2K Revisited  (April 2005)

    In a recent radio show, the glib radio host implied that the Y2K risk never really existed. Was he right? Or do his comments tell us more about human nature than about the risks arising from time representation in computer systems? (Full Text)

  • Your Money or Their Life?  (May 2005)

    How do you put a dollar value on a human life? It's not something anybody likes to do, but when faced with a decision as to whether to spend money to reduce some risks, it's what you have to do ... (Full Text)

See also Recent Articles on Threat Analysis and Risk Management.

© Albion Research Ltd. 2010