Übersetzungen exportieren

Einstellungen

Gruppe

Sprache

Format

Für die Offline-Übersetzung exportieren

Im systemeigenen Format exportieren

Im CSV-Format exportieren

{{DISPLAYTITLE:Risk Policy}}
[[Datei:RM_Risikopolitik_Inhalt.png||left|thumb|901px|Risk Policy Menu Items]]
All settings and configurations made here are globally applicable. They affect '''all management systems''' and can only be edited by experts or administrators. On the left, you can see the menu with all the items that make up the risk policy. We will discuss these items in more detail below.

== Protection targets==

Each standard as well as each management system pursues a given purpose. Goals are defined to ensure their protection.

These protection targets are subsequently used in the protection needs analysis, the structural analysis, and many other sections of the tool. The objectives are mapped in the knowledge databases to assessment questions or, where applicable, to other risks or measures. Manufacturer-specific protection targets are marked with a yellow tool icon instead of the trash can button. They can be renamed or deactivated but cannot be deleted. They are labeled as “Manufacturer-specific protection targets” under “Risk Management → Risk Policy → Protection targets”. 
Manufacturer-specific protection targets:
*Confidentiality 
*Availability 
*Integrity
*RTO (= Recovery Time Objective)
*RPO (= Recovery Point Objective)

Additional protection targets can be freely created and edited by experts. These can be easily identified by a red trash can button, which can also be used to delete them.

[[Datei:Risikopolitik Schutzziele.png||left|thumb|901px]] 
=== Import manufacturer-specific protection targets ===

Since some manufacturer-specific protection targets are only required for certain industries, not all defined protection targets are supplied as standard. However, these can be imported if required. To do this, simply click on the arrow next to the plus and select the desired target for import.

This function is needed, for example, to import knowledge bases created by HITGuard that require a protection target that is not delivered by default.

== Probabilities of occurrence ==

The probability of occurrence is the estimated probability of the occurrence of a specific event in a given future period (e.g. 1x in 30 years).

As the figure below shows classes of probabilities of occurrence can be freely defined. The number of categories, the name of the occurrence probability classes as well as their description and stored occurrence probabilities (in frequency per period) are freely configurable.

[[Datei:Eintrittswahrscheinlichkeiten.PNG|left|thumb|901px|Probability of occurrence mask]]

Risk factor:
:The risk factor serves as a multiplier for calculating the risk ratio of a risk. The risk factor of the selected probability of occurrence is multiplied by the risk factor of the selected extent of damage, thus determining the risk ratio.
:The risk ratio serves to rank the risks. The higher the risk index, the greater the significance of the risk.

Factual:
: This checkbox can only be activated for one probability of occurrence. If selected, this probability of occurrence is treated as absolute. Risks, opportunities and impacts evaluated as such are then fact. The factual probability of occurrence is marked as such when choosing it in the risk/opportunity/impact.

'''Example based on and extended to TR719 (80001):'''

{| class="wikitable"
|-
! Probability of - occurrence classes 
! Definition
|-
|rowspan = 2| Extremely rare
| At least once in 30 years. 
|-
| It is very unlikely that unintended effects will occur.
|-
|rowspan = 2| Very rare
| At least once in 10 years. 
|-
|It is unlikely that unintended effects will occur.
|-
|rowspan = 2| Rare
| At least once in three years.
|-
| There may be unintended effects from time to time.
|-
|rowspan = 2| Probably
| At least once a year
|-
| It is likely that unintended effects will occur.
|-
|rowspan = 2| Frequently
| At least once a month
|-
| Unintended effects often occur.
|-
|rowspan = 2| Very frequent
| At least once a week or more
|-
| Unintended effects occur very frequently or almost always.
|}

== Criteria for extent of damage ==

Damage is not necessarily of a monetary nature. It can be determined, for example, by loss of effectiveness, image damage or patient damage. For this reason, HITGuard offers the possibility to freely configure criteria for the extent of damage. These criteria can then be mapped to extent of damage classes and thus be used for protection needs analyses.

Criteria for the extent of damage can be defined under "Risk management → Risk policy → Criteria for extent of damage".

[[Datei:Kriterien für Schadensausmaße.PNG|left|thumb|900px|Example: Criteria for damage extent]]

== Extent of damage ==

Extent of loss is divided into classes. The loss severity classes are based on the risk-bearing capacity of the company. The highest loss severity class should therefore be based on the maximum loss that the company can bear.

If you want to use different damage extent classes in one or more management systems, then create an additional classification of extent of damage and benefit for this purpose. You can then create new damage extent classes for these. Then, under “Risk Management → Settings,” assign the newly created classification to the desired management system.

Classes and classifications can be defined by administrators and experts by clicking on the plus next to the classes/classifications. (see figure)

[[Datei:Schadensausmaße.PNG|left|thumb|901px|Beispiel: Schadensausmaß Hoch]]

Monetary damage:
: Here you define how high the monetary damage of a class is.

PNA Edge Weight:
: This value is intended to express the dependency on assets. Perform a [[Special:MyLanguage/Schutzbedarf|protection needs analysis(PNA)]] in HITGuard and select the extent-of-damage levels. HITGuard then takes the PNA edge weight of the damage extent and enters it into the corresponding dependency relationship in the [[Special:MyLanguage/Strukturanalyse#Beziehungen_zwischen_Elementen|Structural Analysis]]. This affects many evaluations using the Structural Analysis. Above all, together with the “Protection needs” setting (see below), it influences the classification of protection requirement classes.

:'''Example:'''

:{| class="wikitable"
|-
! Damage extent class!! PNA edge weight
|-
| insignificant || 10%
|-
| Low || 20%
|-
| Moderately || 40%
|-
| Up || 60%
|-
| Catastrophic || 100%
|}

Risk factor:

: The risk factor serves as a multiplier for calculating the risk ratio of a risk. The risk factor of the selected probability of occurrence is multiplied by the risk factor of the selected extent of damage, thus determining the risk ratio.
: The risk ratio serves to rank the risks. The higher the risk index, the greater the significance of the risk.

: [[Datei:Beispielhafte Verteilung von Risikofaktoren auf einer Farbskala von Grün nach Rot..png|mini|Examplary distribution of risk factors on a color scale from green to red.]]This risk factor furthermore serves as criterium for the color of extent of damage classification in protection needs reports. On a color scale from green to red, the lowest risk factor results in the color green and the highest in the color red. Risk factors between those two result in colors according to their relative position on the scale from green to red.

Add criterion:
:Here the criteria already created can be mapped to an extent of damage class. Furthermore, in the context of the class it should be described what kind of damage must occur to fulfill a criterion.

'''Examples for damage extent classes:'''

{| class="wikitable"
|-
! Damage extent class
! Definition
|-
|rowspan = 4| Low
| Monetary damage: > 5.000 Euro and <= 25 Euro
|-
| Patient harm: minor and short-term inconvenience
|-
| Effectiveness loss: no or very limited impact on operations/procedures
|-
| Data and system security: disclosure of a relevant threat or vulnerability has negligible effect
|-
|rowspan = 4| Moderate
| Monetary damage: > 25,000 euros and <= 100,000 euros
|-
| Patient damage: temporary and minor injuries, medical intervention required
|-
| Effectiveness loss: very limited or nuisance effect on operations/measures 
|-
| Data and system security: disclosure of sensitive information could have negative (financial) consequences and may require resources to remediate.
|-
|rowspan = 4| Catastrophic
| Monetary damage: > 10 million euros
|-
| Patient harm: Death
|-
| Loss of effectiveness: planned operations/procedures no longer feasible
|-
| Data and system security: may lead to full disclosure of sensitive information 
|}

==Criteria for benefits==

If you also want to use opportunity management in HITGuard, you can configure evaluation criteria here. Benefit is not necessarily of a monetary nature. It can be determined, for example, by heightened effectiveness, improved image, or patient health. For this reason, HITGuard offers the possibility to freely configure criteria for benefit. These criteria can then be mapped to classifications of extent of damage and benefit and thus be used in protection needs analyses.

Criteria for benefits can be defined under "Risk management → Risk policy → Criteria for benefit".

[[Datei:Risikopolitik_KriterienNutzen.png|left|thumb|900px|Example: Criteria for benefits]]

==Nutzen==
Nutzen werden in Klassen unterteilt. Diese orientieren sich an der Fähigkeit des Unternehmens, Chancen auszunutzen. Der höchste Nutzen sollte sich daher an dem maximalen, für das Unternehmen erreichbaren, Nutzen orientieren.

If you want to use different benefit classes in one or more management systems, then create an additional classification of extent of damage and benefit for this purpose. You can then create new benefit classes for these.

Then assign the newly created classification to the desired management system as a classification under "Risk management → Settings".

Classes and classifications can be defined by administrators and experts by clicking on the plus next to the classes/classifications. (see figure)

[[Datei:Risikopolitik_Nutzen.png|left|thumb|901px|Example: Benefit Sehr groß]]

Monetary benefit:
: Here you define how high the monetary benefit of a class is.

Opportunity factor:

: The opportunity factor serves as a multiplier for calculating the risk ratio of an opportunity. The risk factor of the selected probability of occurrence is multiplied by the opportunity factor of the selected benefit, thus determining the risk ratio.
: The risk ratio serves to rank the risks and opportunities. The higher the risk ratio (meaninng, the further away from zero), the greater the significance of the opportunity.

Add criterion:
:Here the criteria already created can be mapped to a benefit class. Furthermore, in the context of the class it should be described what kind of benefit must occur to fulfill a criterion.

== Protection target synonyms==

Since protection goals can have different meanings in different classifications, it is possible to specify synonyms for the respective classifications in terms of their naming. For example, the protection goal "confidentiality" can be interpreted as privacy in the context of the data protection classification (see figure). This means that wherever the protection goal is applied, the protection goal characteristic of the damage extent classification of the data privacy management system - i.e., the designation "privacy" - is displayed.

This menu item is only visible if at least two damage extent classifications exist.

[[Datei:Schutzzielausprägungen.PNG|left|thumb|900px|Protection target synonyms]]

== Protection requirement ==

The protection requirement of an asset (a resource or a data category) indicates how critical the asset is to the organization.
Protection needs classes can be created and managed by administrators or experts under “Risk Management → Risk Policy → Protection Requirements”.

[[Datei:Schutzbedarf.PNG|left|thumb|900px|Example: Protection requirement High]]

In HITGuard, the protection needs class is based on the degree of dependency stored in the dependency relationship of the [[Special:MyLanguage/Strukturanalyse#Beziehungen_zwischen_Elementen|structural analysis]]. This value is typically derived from a protection requirement analysis or the PNA edge weight. 
The previously defined damage extent classes fall into different protection requirement classes depending on the value of your [[#BIA edge weights|SBA edge weight]]. You can define a separate range of percentage values for each protection requirement class, which then accommodate the respective PNA edge weights.

In the structural analysis, HITGuard determines, for each asset (resource or data category), the edge dependency as a percentage with the highest PNA edge weight value across all incoming protection target relationships. It then uses the specified range to determine the corresponding protection requirement class.

The color is used to signal the importance of a class in the structural analysis.

''' Examples for protection needs classes:'''
*Normal: The damage effects are limited and manageable (0-30% PNA edge weight).
*High: The damage effects can be considerable (30-70% PNA edge weight).
*Very high: The damage effects can reach an existentially threatening, catastrophic magnitude (70-100% PNA edge weight).

== Risk matrix==

The risk matrix for each protection requirement class results from the combination of extent of damage (vertical) and probability of occurrence (horizontal). For this purpose, the respective risk factors are multiplied in order to obtain the risk ratio. The higher the risk or opportunity ratio (as in, the further away from zero), the more critical a risk is and the more urgent it must be dealt with in order to prevent serious consequences, and the greater an opportunity is and the sooner it should be taken advantage of to gain a benefit.

Administrators and experts can specify in which color a risk indicator is displayed in the dashboard and structural analysis (the more critical and urgent a risk is, the more alarming the color should be) under " Risk Management → Risk policy → Risk matrix". Furthermore, the risk indicator serves to rank the risks and opportunities on the dashboard.

For each classification of extent of damage and benefit there is a separate risk matrix that can be configured.

[[Datei:Risikomatrix.PNG|left|thumb|900px|Example: risk matrix ]]

== Data classes==

The data classification specifies how data is to be handled, depending on your classification. This depends on the confidentiality of the data and the corresponding desired level of protection.

The number of categories, the name of the data class and its description are freely definable. A new class can be created using the "Plus" button.

It is usually possible to derive an association so that the different protection needs for each data class can be explained by the extent of damage associated with the confidentiality risk. Mapping between data classes and damage severity classes is therefore possible.

If several damage extent classifications exist, it is necessary to select from which classification the damage extent originates.

[[Datei:Beispiel Datenklassen.PNG|left|thumb|901px|Example: Class "Strictly confidential" ]]

'''Example:'''
{| class="wikitable"
|-
! Data classes !!! Damage extent class 
|-
| Public|| Very Low (Default)
|-
| Internal|| Medium (default)
|-
| Confidential|| Large (default)
|-
| Secret|| Very Large (default)
|}

== Abilities to control==

The abilities to control are used to evaluate the quality of the risk treatment measures and controls that have already been implemented for a risk. More about the context of their application can be found [[Special:MyLanguage/Risikobewertung | here]].

The abilities to control available for that evaluation can be managed here.

A new ability to control can be created with the "plus" button. Existing ones can be deleted with the "trash can" button.

The following abilities to control are offered by default:
* '''nicht relevant | not relevant''' - The ability to control the risk with the assigned set of measures and controls is not relevant.
* '''initial | initial''' - The ability to control the risk with the assigned set of measures and controls is in an early state of development.
* '''gemanagt | managed''' - The ability to control the risk with the assigned set of measures and controls can done successfully.
* '''definiert | defined''' - The ability to control the risk with the assigned set of measures and controls is reproducible and can be handled with an adapted standard process.
* '''gemessen | measured''' - The ability to control the risk with the assigned set of measures and controls is measurable with a statistical control.
* '''optimiert | optimized''' - The ability to control the risk with the assigned set of measures and controls is measurable with a statistical control and can improve the modus operandi.
These classes are recommendations and can be edited by Expert users; they are only available in German in the tool.

[[Datei:Abilities to control.PNG|left|thumb|900px|Abilities to control ]]

== Categories of risks/opps and impacts==

To be better able to manage and thus treat identified risks, opportunities, and impacts, categories can be defined under "Risk management → Risk policy → Categories of risks/opps and impacts".

New risk categories can be added with the "Plus" button. They can be renamed at any time. Categories that have not been selected for any risks/opps/impacts can also be deleted. The "Delete" button is deactivated for any categories that are currently in use.

[[Datei:Risikokategorien_Risikopolitik.png|left|thumb|901px|Risk policy > Categories or risks/opps and impacts]]

Individual risks, opportunities, and impacts can be assigned to and grouped by one or more category.

[[Datei:Risikokategorien_Übersicht.png|left|thumb|900px|Categories in the overview of risks]]

==Criteria for impacts==

An ilmpact can be of different natures. Therefore, HITGuard offers the possibility to freely configure criteria for impacts. These criteria can then be mapped to impacts.

Criteria for impacts can be defined under "Risk management → Risk policy → Criteria for impacts".

[[Datei:Risikopolitik_KriterienAuswirkungen.png|left|thumb|900px|Example: criteria for impacts]]

==Classifications for impacts==

The impact classifications describe the scale, scope, and remedy (only for negative impacts) of an impact. The are used in the materiality analysis to evaluate positive and negative impacts on the organization from outside and outwards by the organization. Using criteria, additional details can be recorded for the individual impacts.

Impact classes can be defined for each of the three classifications.

Add criterion:
:Here the criteria already created can be mapped to an impact class. Furthermore, in the context of the class it should be described what kind of circumstance must occur to fulfill a criterion.

Impact factor:
: The impact ratio is calculated from the impact factors of the impact classes and the risk factor of the probability of occurrence. Like the risk ratio, it shows how big or small an impact is by a company on its environment.

[[Datei:Risikopolitik_KlassifikationAuswirkungen.png|left|thumb|900px|Impact classes]]