Abstract

In this paper we analyze nine risk management and prevention methodologies, comparing the stages they include and determining whether they take the human factor into account in risk analysis and treatment. We observe that only 42.85% of the risk management methodologies studied include this factor, and conclude that the NIST [National Institute of Standards and Technology] Risk Management methodology is the most complete, although it would be desirable for it to focus more on the human factor, as the IDB [Inter-American Development Bank] Corruption Diagnosis, Prevention and Control in Programs of Civic Security methodology does.

Highlights

  • Effective use of information and communications technologies [ICT] is a critical factor of success in current society

  • The risk management methodology NTC-ISO/IEC 27005 includes the four phases considered in this analysis, but does not mention the human factor, because the steps are described in very general terms

  • The NIST risk management methodology is perhaps the most complete of all those studied, because it includes the four phases considered in this analysis, provides definitions as well as the practical guidance needed to assess and mitigate the risks identified in IT systems, and describes very precisely what to do in each of its nine steps

Summary

Introduction

Effective use of information and communications technologies [ICT] is a critical factor of success in current society. The techniques used in engineering are more concerned with identifying technical failures than with social matters such as risk perception, cultural bias, and failures in human communication. Social scientists are strongly opposed to the vision of natural scientists and engineers regarding risk management, and warn that ignoring sociological or social questions can be problematic, since the result of a human error, or of a lack of communication, can be as disastrous as the result of a technical failure (Frosdick, 1997).

