ABSTRACT
Risk analysis is the process of defining and analyzing the dangers to individuals, businesses and government agencies posed by potential natural and human-caused adverse events. In a quantitative risk analysis, an attempt is made to numerically determine the probabilities of various adverse events and the likely extent of the losses if a particular event takes place. Qualitative risk analysis, which is used more often, does not involve numerical probabilities or predictions of loss. Risk mitigation is a systematic reduction in the extent of exposure to a risk and/or the likelihood of its occurrence. When looking at implementing computer systems one approach might be to tie the management of risks into the phases of the life cycle. Moving on to the next step—managing the risks is the goal. When dealing with critical information such as medical information where patients are at risk, risks must be managed to make things as safe as possible for the patient.
