Risk Analysis Framework Sample Clauses

Risk Analysis Framework. The RAF component provides a risk calculation and analysis for SMEs based on business profiling, asset profiling and asset vulnerabilities assessment. The external interface of RAF comes in the form of a user-friendly questionnaire where simple questions are filled from the SMEs. The questions are designed for collecting valuable and meaningful information even from non-experts that will allow the risk analysis workflow to take place, as proposed from the ENISA Risk Management process mentioned in D3.1. RAF is designed to be a standalone framework which communicates with two external PALANTIR components: (i) the PALANTIR Portal and (ii) the Recommendation Engine (RE). In the image below the two interfaces are depicted, where the user has access to the questionnaire UI through the integrated iframe to the Portal. After the analysis is completed, the results are communicated to the RE. The RE is largely based on the decision tree, supervised Machine Learning algorithm. A decision support tool known as a “decision tree” employs a tree-like model to represent options and their potential outcomes. It is a technique to present an algorithm that solely uses conditional control statements. RE creates and updates its tree-like model of potential outcomes, which is based on the answers collected from the questionnaire that the RAF component creates and sends to the RE. With the help of the mapping and different combinations of the questions-answers, RE makes decisions about which recommendation to execute or propose. As mentioned before, this requires some preliminary preparation and mapping of the existing questions with answers. The RE creates the recommendations and forwards them to the other component that requests the results.
Sample 1
AutoNDA by SimpleDocs
Risk Analysis Framework. The RAF is developed as a standalone, lightweight application. The refined architecture design and implementation allows an easy deployment and integration with respect to the specifications and requirements introduced in D3.1.
Sample 1
Risk Analysis Framework. The current version of RAF implements many functionalities that were under development when described in D.3.1. Many of the entities described were unified (e.g. control cards as part of the Risk Calculation & Assessment Engine). Also, the communication between the PALANTIR Portal and RE was defined and implemented. Figure 4.4-1: internal modules within the RAF. The aim was to create a standalone framework, independent from other PALANTIR components where SMEs will have access and perform their risk analysis. The internal modules are depicted in figure 4.4-
Sample 1
Risk Analysis Framework. The Risk Analysis Framework (RAF) is the PALANTIR component that is responsible for the interaction with the SMEs, so that it can provide an analysis of SME risk based on business profiling, asset profiling and asset vulnerabilities assessment. RAF provides a simplified and comprehensive view of risk management or risk assessment for use within SMEs. The philosophy of this framework is to be suitable for collecting information even from non-experts and avoid obfuscating workflows for the information entry. Figure 4: simplified ENISA Risk Management Framework.
Sample 1
Risk Analysis Framework. Table 5 describes how each requirement maps to the technical specification that the RAF component must achieve through its internal proceses. Table 5: technical specifications for RAF. Req. ID Requirement description Origin of requirement
Sample 1
Risk Analysis Framework. The integration of RAF, at least at its first release, is a semi-autonomous tool which runs in a standalone fashion and which uses simple graphical tools in order to collect required information from the SME. Besides the parts based on questionnaires with closed answers, and which can be automatically evaluated; the information collected also requires human intervention. This intervention follows the form of discussion between the PALANTIR risk assessment expert and the SME delegate, and its aim is to better understand the finer details of security requirements and risk profiling for each SME. Hence, a fully automatic RAF is not anticipated. Figure 8: RAF layout. The current implementation leverages the LimeSurvey platform [40]. The implementation supports the following phases: ● Phase 1: Questionnaire and automatic calculation of Risk Profile ● Phase 2: Asset identification using the ontology suggested by XXXXX and a limited set of asset entries along with their known exploits and attack surface. A risk calculation engine, under development, will take into account Phase 1 and 2 SME data and will automatically assess the risk while providing input for the consequent Phase 3. An output produced after the first year of the project relates to lessons learnt and best practices in the form of control cards. Figure 8 presents the RAF layout. The information collected or used is organised in three databases: i) the Asset Library, which provides the set of well-known assets; ii) the Profiling Repository that collects all imported data from SMEs, as well as all relevant evaluations and outputs of RAF; and (iii) the Control Cards database, providing all available control cards within RAF. The Asset Database Maintenance subcomponents are responsible for the maintenance of the Asset Library, updating information related to asset category entries, among others. The Profile Questionnaire is a subcomponent responsible for the SME profile risk questions, used to lead to profile risk evaluation. Similarly, the Asset Identification is the subcomponent exposing the form to complete in order to collect SME assets and security requirements. The Risk Assessment Engine is the subcomponent that calculates the risk, taking into account information collected by Phase 1 and Phase 2 steps. Finally, the Risk Reporting subcomponent is responsible for creating the final reports that will include the risk evaluation and all relevant information related to organisation and asset managemen...
Sample 1
Risk Analysis Framework. On the topic of Risk Analysis as-a-framework, PALANTIR builds a technology-independent toolset for critical asset identification. In the developed framework, the users (SME/ME) design and implement different risk profiles depending on their underlying infrastructure and digital asset collection. The implementation of the framework is based on the NIST (the US’ National Institute of Standards and Technology organisation) SP 800-37 Rev. 2 specification and entails a two-layer environment. The upper layer refers to the user interaction via the portal, which visualizes the assets’ risk collection from the user and the lower layer of the Security Capabilities Hosting Infrastructure, which maps the RAF to the different interfaces of the infrastructure and digital components, which are indexed in the report. The corresponding interfaces of the Risk Analysis Framework are:
Sample 1
AutoNDA by SimpleDocs

Related to Risk Analysis Framework

  • Data Analysis In the meeting, the analysis that has led the College President to conclude that a reduction- in-force in the FSA at that College may be necessary will be shared. The analysis will include but is not limited to the following: ● Relationship of the FSA to the mission, vision, values, and strategic plan of the College and district ● External requirement for the services provided by the FSA such as accreditation or intergovernmental agreements ● Annual instructional load (as applicable) ● Percentage of annual instructional load taught by Residential Faculty (as applicable) ● Fall Full-Time Student Equivalent (FFTE) inclusive of dual enrollment ● Number of Residential Faculty teaching/working in the FSA ● Number of Residential Faculty whose primary FSA is the FSA being analyzed ● Revenue trends over five years for the FSA including but not limited to tuition and fees ● Expenditure trends over five years for the FSA including but not limited to personnel and capital ● Account balances for any fees accounts within the FSA ● Cost/benefit analysis of reducing all non-Residential Faculty plus one Residential Faculty within the FSA ● An explanation of the problem that reducing the number of faculty in the FSA would solve ● The list of potential Residential Faculty that are at risk of layoff as determined by the Vice Chancellor of Human Resources ● Other relevant information, as requested

  • Financial Framework 1. In accordance with Article 2.1 of Protocol 38c, the total amount of the financial contribution is € 1548.1 million in annual tranches of € 221.16 million over the period running from 1 May 2014 to 30 April 2021, inclusive.

  • Statistical Analysis 31 F-tests and t-tests will be used to analyze OV and Quality Acceptance data. The F-test is a 32 comparison of variances to determine if the OV and Quality Acceptance population variances 33 are equal. The t-test is a comparison of means to determine if the OV and Quality Acceptance 34 population means are equal. In addition to these two types of analyses, independent verification 35 and observation verification will also be used to validate the Quality Acceptance test results.

  • Disturbance Analysis Data Exchange The Parties will cooperate with one another and the NYISO in the analysis of disturbances to either the Large Generating Facility or the New York State Transmission System by gathering and providing access to any information relating to any disturbance, including information from disturbance recording equipment, protective relay targets, breaker operations and sequence of events records, and any disturbance information required by Good Utility Practice.

  • NIST Cybersecurity Framework The U.S. Department of Commerce National Institute for Standards and Technology Framework for Improving Critical Infrastructure Cybersecurity Version 1.1.

  • Framework This Agreement establishes a framework that will enable Red Hat to provide Software and Services to Client. “Software” means Red Hat Enterprise Linux, JBoss Enterprise Middleware and other software programs branded by Red Hat, its Affiliates and/or third parties including all modifications, additions or further enhancements delivered by Red Hat. The specific services (the “Services”) and/or Software that Red Hat will provide to Client will be described in an Order Form, signed by the parties or otherwise accepted by Red Hat, which may consist of (a) one or more mutually agreed order forms, statements of work, work orders or similar transaction documents, or (b) an order placed by Client through Red Hat's online store accessible from a Red Hat website. The parties agree that the terms of this Agreement will govern all purchases and use by Client of Software and Services unless otherwise agreed by the parties in writing.

  • Segmentation The purchase of any Products and related Service Offerings or other Service Offerings are all separate offers and separate from any other order for any Products and related Service Offerings or other Service Offerings You may receive or have received from Oracle. You understand that You may purchase any Products and related Service Offerings or other Service Offerings independently of any other Products or Service Offerings. Your obligation to pay for (a) any Products and related Service Offerings is not contingent on performance of any other Service Offerings or delivery of any other Products or (b) other Service Offerings is not contingent on delivery of any Products or performance of any additional/other Service Offerings. You acknowledge that You have entered into the purchase without reliance on any financing or leasing arrangement with Oracle or its affiliate.

  • COMPENSATION ANALYSIS After the expiration of the second (2nd) Renewal Term of this Agreement, if any, a Compensation Analysis may be performed. At such time, based on the reported Total Gross Revenue, performance of the Concession, and/or Department’s existing rates for similarly- performing operations, Department may choose to increase the Concession Payment for the following Renewal Term(s), if any.

  • Master Contract Sales Reporting System Contractor shall report quarterly Master Contract sales in Enterprise Services’ Master Contract Sales Reporting System. Enterprise Services will provide Contractor with a login password and a vendor number. The password and vendor number will be provided to the Sales Reporting Representative(s) listed on Contractor’s Bidder Profile.

  • DATA COLLECTION AND ANALYSIS The goal of this task is to collect operational data from the project, to analyze that data for economic and environmental impacts, and to include the data and analysis in the Final Report. Formulas will be provided for calculations. A Final Report data collection template will be provided by the Energy Commission. The Recipient shall: • Develop data collection test plan. • Troubleshoot any issues identified. • Collect data, information, and analysis and develop a Final Report which includes: o Total gross project costs. o Length of time from award of bus(es) to project completion. o Fuel usage before and after the project.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!