ANALYSIS OF RELIGIOUS COURT INFORMATION SECURITY RISK MANAGEMENT USING THE OCTAVE ALLEGRO METHOD (CASE STUDY OF KEDIRI CITY)

Ease of access can be pros and cons for all information system applications, because it increases the possibility of someone hacking the information system. Therefore, a risk assessment or risk assessment of information systems is needed to identify and understand the risks involved in accessing them. One of the risk assessment methods that analyzes the risk profile of information assets using the OCTAVE Allegro method. The purpose of this study was to determine the results of the analysis of security risk management on information systems at the Religious Courts of the City of Kediri. The recommendation process is a follow-up to the risk assessment in the form of controls in ISO/IEC 27002:2013 which focuses on clause 9. Access Control. This research uses a literature study approach . The literature review was carried out by looking for references to information security risk management analysis using the OCTAVE Allegro method, research material books and research journals to assist in the preparation of this research proposal. The theory taken from the reference mainly refers to the OCTAVE Allegro method. Based on the results of the research conducted, the researchers got 10 areas of attention that will be given control recommendations based on ISO/IEC 27002:2013

Integration of risk analysis methods in aerospace research projects

Organizations are exposed to several types of risks, such as environmental, legal, operational, financial, and technological; that are subjected to epistemic uncertainty. In this context, a contemporary issue is how to deal with accidents, with greater difficulty in understanding the sociotechnical system, due to its complex and dynamic characteristics, in an attempt to prevent accidents based on components’ behavior. Although, for most complex systems and projects, a record of the exposure to hazards is incomplete or nonexistent, especially when it is highly innovative. This study developed a risk analysis framework for complex aerospace research projects by integrating different methods: problem structuring, safety control action analysis, and prioritization of results. Three methods are proposed: (1) Soft Systems Methodology (SSM) for initial review and understanding of the problem situation, and preliminary identification of hazards and losses; (2) Systems-Theoretic Process Analysis (STPA), to identify Unsafe Control Actions (UCAs) and their causal scenarios; and (3), Preferences Sorting Technique by Similarity to Ideal Solution (TOPSIS Fuzzy) for prioritization of the UCAs and mitigating causal scenarios. This proposal was applied to the Liquid Propulsion Injection Systems Laboratory (CEPROS), and, through the SSM, 7 hazards and 4 losses were found. On the other hand, the STPA method found 15 loops with 48 UCAs and 106 causal scenarios. In the end, it is recommended that the Decision Maker establishes a cut-off criterion, that is, a Hierarchy of Management and Control of the identified UCAs. The proposed methods follow the line of sociotechnical systems, considering the difficulty of the decision-maker for risk analysis in aerospace research projects. Thus, this work presents a structure of different methods covering the entire risk management process, increasing the difficulty in fulfilling the mission due to the level of complexity of the project, and supporting strategies for coordinated decision-making

Review of the safety engineering techniques for a complex ship system

Marine industry is leaning towards the autonomous vessels; and advanced technologies are being developed for autonomous operations. However, this rapid technological change has increased the level of complexity in ship systems. As the interactions between components are increasing further and software are getting imbedded into components, the nature of risks in modern systems can be different than in the traditional systems; where the risks were mostly limited to human errors and component failures. However, for identifying risks in modern systems, it is first important to understand the system composition and the behavior of components. Since traditional system-safety engineering techniques, developed for the relatively simpler systems in past, are still dominant in marine industry. These techniques may not be able to cope with the risks due to increasing complexity.This paper reviews and identifies a suitable modelling approach and a risk analysis method for a complex ship system. A modern modeling approach known as Systems-Modeling Language (SysML) and a modern risk analysis method known as Systems-Theoretical Process Analysis (STPA) are reviewed and compared with widely used traditional methods known as the Tree structure method and Fault Tree Analysis. SysML is a graphical modeling language that presents structural composition, component functions, behavior, constraints and requirements of a complex system. STPA is a risk analysis method that aims to identify and mitigate risks in a complex system. The review and comparison results are presented in the paper.The results of this study suggest that the modern methods are more suitable than the traditional methods when the functionality of each method are considered. However, as the modern methods are more detailed, and are focused on the functionality, they are relatively complex and require more resources for the analysis in comparison to the traditional methods. Some viable solutions to improve the drawbacks of SysML and STPA, and possible future research topics are presented.Peer reviewe

Factors Influencing Integrated Management System Practices

The implementation and certification of quality, environmental and occupational health and safety management systems have become a preference for many organisations. In facts, most current practice in the area of quality standard, each organisation needs to spend huge amount of money in order to gain the certification for each quality management standard such as ISO 9001, ISO 14001 and OHSAS 18001. Hence, the combination of these management systems that lead to the formation of Integrated Management System (IMS) was established. There is a trend for the organisation to implement an IMS in order to overcome any problems resulting from multiple management systems. Besides, there are connection between quality management and risk management system – ISO 31000 that need to be identified in order to enhance the effectiveness of IMS. This research focuses on identifying the factors of IMS implementation, investigating the converged and diverged components in management system, studying the implementation of IMS and investigating the possible integration of ISO 31000 into current IMS practices. The research was based on social constructivism under an exploratory study. Multiple cases studies and in-depth literature review were employed as the research design approach. Three methods of key data collection (qualitative methods) were used: (1) Primary data from face-to-face interview (2) Primary data from expert opinion survey via e-mail (electronic mail survey) and (3) Secondary data from official documents. Also, two methods of analysis were used, namely: (1) Time series/chronology/historical analysis and (2) Explanation building. The literature review on quality management and IMS implementation identifies the need of understanding the results of IMS implementation and the components that could converged and diverged and also how the organisation would implemented it. Accordingly, the review on the previous study allows the researcher to establish the theoretical framework. Thus, the researcher has gained the information on how IMS would change the way to manage quality management in an organisation with respect to gain continuous improvement of it. As a result, this study has identified the 16 factors of IMS implementation, the converged and diverged components from case studies, the implementation approach and the proposed integration of ISO 31000, Risk Management System. This research gives a new insight on the importance of IMS and the potentials of bringing an effective management that takes all four quality standards into consideration. Moreover, the study has provided the extended version of framework that embedded the combination of different ISO series. In turn, this research further underlines and suggested on the integration of four management systems- ISO 9001, ISO 14001, OHSAS 18001 and ISO 31000 for an effective implementation of IMS which are presented and could be expanded for future research

Risk Factors for Emergency Medical Care or Hospitalization Due to Heat-Related Illness or Injury: A Systematic Review

Background: Temperatures globally have been predicted to increase due to changes in the climate. As the earth gets warmer, it is expected that heat-related illness will also increase worldwide. An effective and appropriate public health response will be critical. Purpose: The aim of this review was to identify risk factors associated with heat-related illness and injury to provide target areas for future interventions. Methods: A review of existing literature was analyzed for risk factors that may increase the likelihood of being admitted to an emergency department for a heat related illness or injury. Results: Of the included articles in this analysis (n=85), the common risk factors for emergency care or hospitalization from heat exposure were patient’s age (n=42), gender or sex (n=33), underlying health conditions or comorbidities (n=12) and time of year (n=24). Discussion: Community education and public health messages for prevention with focus on risk factors and common symptoms are important to decrease the rates of emergency care and hospital admissions. Further research is needed to determine mitigation strategies to decrease heat-related illness or injury as well as investments in early warning systems to protect vulnerable populations

Resilience, Reliability, and Recoverability (3Rs)

Recent natural and human-made disasters, mortgage derivatives crises, and the need for stable systems in different areas have renewed interest in the concept of resilience, especially as it relates to complex industrial systems with mechanical failures. This concept in the engineering systems (infrastructure) domain could be interpreted as the probability that system conditions exceed an irrevocable tipping point. But the probability in this subject covers the different areas that different approaches and indicators can evaluate. In this context, reliability engineering is used the reliability (uptime) and recoverability (downtime) indicators (or performance indicators) as the most useful probabilistic tools for performance measurement. Therefore, our research penalty area is the resilience concept in combination with reliability and recoverability. It must be said that the resilience evaluators must be considering a diversity of knowledge sources. In this thesis, the literature review points to several important implications for understanding and applying resilience in the engineering area and The Arctic condition. Indeed, we try to understand the application and interaction of different performance-based resilience concepts. In this way, a collection of the most popular performance-based resilience analysis methods with an engineering perspective is added as a state-of-the-art review. The performance indicators studies reveal that operational conditions significantly affect the components, industry activities, and infrastructures performance in various ways. These influential factors (or heterogeneity) can broadly be studied into two groups: observable and unobservable risk factors in probability analysis of system performance. The covariate-based models (regression), such as proportional hazard models (PHM), and their extent are the most popular methods for quantifying observable and unobservable risk factors. The report is organized as follows: After a brief introduction of resilience, chapters 2,3 priorly provide a comprehensive statistical overview of the reliability and recoverability domain research by using large scientific databases such as Scopus and Web of Science. As the first subsection, a detailed review of publications in the reliability and recoverability assessment of the engineering systems in recent years (since 2015) is provided. The second subsection of these chapters focuses on research done in the Arctic region. The last subsection presents covariate-based reliability and recoverability models. Finally, in chapter 4, the first part presents the concept and definitions of resilience. The literature reviews four main perspectives: resilience in engineering systems, resilience in the Arctic area, the integration of “Resilience, Reliability, and Recoverability (3Rs)”, and performance-based resilience models

Review and comparison of the modeling approaches and risk analysis methods for complex ship system.

Marine industry is leaning towards autonomous vessels with companies such as Rolls-Royce and Kongsberg leading the development. However, this rapid technological change invites greater risks and responsibilities for marine professionals. Ship systems are getting more complex with time as the interactions between components are increasing and software are getting embedded. As a result, the nature of risks in modern systems can be different than in the traditional systems, where the risks were mostly limited to human errors and component failures. However, for identifying risks in modern complex systems, it is first important to understand the structural composition of the system, and the component’s behavior, functions and interactions. Although, modern systems are quite different than traditional systems, traditional system-safety engineering techniques developed are still widely used. This thesis aims to review a modern modeling approach known as Systems Modeling Language (SysML) and a risk analysis method known as Systems-Theoretical Process Analysis (STPA); and compare them against widely used traditional methods known as the Tree structure method and Fault Tree Analysis (FTA). SysML, developed in 2006, is a graphical modeling language which presents structural composition, component functions, behavior, constraints and requirements of a system. SysML aims to support the analysis, specification, design, verification and validation of complex systems. STPA, developed in 2011, is a risk analysis method which aims to identify and mitigate risks in a complex system. Unlike traditional methods such as Fault Tree analysis (FTA), STPA focuses on risks due to the unsafe control actions and component interactions. Furthermore, STPA can be also used during the early phases of the system development process to generate safety constraints and requirements for a safer design of the system. This thesis also includes a workshop with Rolls-Royce where FTA, STPA, SysML and the Tree structure method were applied to a sample complex ship system. The results and feedback received from the workshop are presented and analyzed. The results suggest that the modern methods such as SysML and STPA are more suitable than traditional methods for modeling and identifying risks in a complex ship system if the results of the method’s implementation are considered. SysML presents several aspects of systems in a model which are missing in the Tree structure method, such as the requirements of a system, and behavior and interaction of components. Furthermore, it also provides a model that can be used as a tool for conducting an analysis of a system. Similarly, STPA succeeds on identifying higher number of risks related to component interactions and human errors in comparison to FTA, as STPA analyzes all possible control actions in a system, whereas FTA only analyzes the risks that are known to the analysts. However, some drawbacks of SysML and STPA have also been identified. Although the methods are suitable for complex ship systems, the methods have higher degree of complexity and require more time for an analysis in comparison to traditional methods. Furthermore, some solutions to improve the identified drawbacks of SysML and STPA are proposed in this thesis. Finally, some viable future research topics to improve the research results are presented

Application of artificial intelligence in Geodesy – A review of theoretical foundations and practical examples

Dieser Beitrag ist mit Zustimmung des Rechteinhabers aufgrund einer (DFG geförderten) Allianz- bzw. Nationallizenz frei zugänglich.This publication is with permission of the rights owner freely accessible due to an Alliance licence and a national licence (funded by the DFG, German Research Foundation) respectively.Artificial Intelligence (AI) is one of the key technologies in many of today's novel applications. It is used to add knowledge and reasoning to systems. This paper illustrates a review of AI methods including examples of their practical application in Geodesy like data analysis, deformation analysis, navigation, network adjustment, and optimization of complex measurement procedures. We focus on three examples, namely, a geo-risk assessment system supported by a knowledge-base, an intelligent dead reckoning personal navigator, and evolutionary strategies for the determination of Earth gravity field parameters. Some of the authors are members of IAG Sub-Commission 4.2 – Working Group 4.2.3, which has the main goal to study and report on the application of AI in Engineering Geodesy

Mechanisms underpinning interventions to reduce sexual violence in armed conflict: A realist-informed systematic review

Sexual violence is recognised as a widespread consequence of armed conflict and other humanitarian crises. The limited evidence in literature on interventions in this field suggests a need for alternatives to traditional review methods, particularly given the challenges of undertaking research in conflict and crisis settings. This study employed a realist review of the literature on interventions with the aim of identifying the mechanisms at work across the range of types of intervention. The realist approach is an exploratory and theory-driven review method. It is well suited to complex interventions as it takes into account contextual factors to identify mechanisms that contribute to outcomes. The limited data available indicate that there are few deterrents to sexual violence in crises. Four main mechanisms appear to contribute to effective interventions: increasing the risk to offenders of being detected; building community engagement; ensuring community members are aware of available help for and responses to sexual violence; and safe and anonymous systems for reporting and seeking help. These mechanisms appeared to contribute to outcomes in multiple-component interventions, as well as those relating to gathering firewood, codes of conduct for personnel and legal interventions. Drawing on pre-existing capacity or culture in communities is an additional mechanism which should be explored. Though increasing the risk to offenders of being detected was assumed to be a central mechanism in deterring sexual violence, the evidence suggests that this mechanism operated only in interventions focused on gathering firewood and providing alternative fuels. The other three mechanisms appeared important to the likelihood of an intervention being successful, particularly when operating simultaneously. In a field where robust outcome research remains likely to be limited, realist methods provide opportunities to understand existing evidence. Our analysis identifies the important potential of building in mechanisms involving community engagement, awareness of responses and safe reporting provisions into the range of types of intervention for sexual violence in crises