User Tools

Site Tools

data_quality_management_system:data_quality_risk_analysis

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

data_quality_management_system:data_quality_risk_analysis [2023/03/18 18:39]
peter 		data_quality_management_system:data_quality_risk_analysis [2024/03/08 13:33]
Line 1: Line 1:
-=====Data quality risk analysis===== 
- 
-===Definition=== 
-A data quality risk analysis is an [[[general_term:analysis|analysis]] with regards to [[data_quality_general:data quality|data quality]]. 
- 
-===Note=== 
-Objective of a DQMS is that the data quality requirements are met. A risk analysis shows which situations or events could lead to these objectives not being met and which measures should be taken to reduce the risk to an acceptable level. 
- 
-===Purpose=== 
-Purpose of a risk analysis is to determine actions that prevent [[data_quality_management_system/data_issue|data issues]]. 
- 
-===Life cycle=== 
-^ Phase  ^ Activity                                             ^ 
-| Plan   | * Plan risk analysis                                 | 
-| Do     | * Compose a risk analysis\\ * Use the risk analysis  | 
-| Check  | * Review/Evaluate risk analysis\\ * Audit risk analysis       | 
-| Act    | * Update risk analysis                               | 
- 
-===Characteristics=== 
-^ Characteristic  ^ Requirement                                                           ^ 
-| Completeness    | The risk analysis contains the most important situations and events.  | 
-| Effectiveness   | The risk analysis leads to preventive actions that produce results.   | 
- 
- 
-===Relations=== 
-  * Risk analysis is an element of the [[data_quality_general:data_quality_management_system|DQMS]].\\  
-  * Risk analysis is aimed at meeting [[data_quality_management_system/data_quality_requirement|data quality requirements]].\\  
-  * Risk analysis prevents [[data_quality_management_system/data_issue|data issues]].\\  
-  * Risk analysis is assess in a [[data_quality_management_system/internal audit|internal audit]].\\  
-  * Risk analysis is discussed in [[data_quality_management_system/management review|management review]]. 
-  * Risk analysis leads to [[general_term/action|action]]. 
- 
-===Method=== 
- 
-A risk analysis consists of the next elements: 
-  - Asset that has effect on the objectives, e.g., supplier, input file, producer, applications, infra structure, communication, procedures, metadata, etc. 
-  - Situation with regard to the asset that can cause an event 
-  - Event that can take place that has a negative effect on the objectives 
-  - Measures already taken to prevent or correct the situation or event 
-  - Exposure: frequency that the situation can occur 
-  - Probability: chance that the event will take place 
-  - Severity: gravety of the effect on the objectives 
-  - Risk-index: Exposure x Likelyhood x Severity 
-  - Additional measures needed to decrease the risk-index if the risk index is too high (preventive actions). 
-The Fine and Kinney method shows which values should be assigned to exposure, probability and severity. 
- 
-==Exposure (E)== 
-The factor exposure indicates the duration that a risk can occur. The scale varies from 0.5 to 10.\\  
-  * 0,5 Very rarely (less than once a year) 
-  * 1 Rarely (yearly) 
-  * 2 Sometimes (monthly) 
-  * 3 Occasionally (weekly) 
-  * 6 Frequently (daily) 
-  * 10 Constantly (multiple times a day) 
- 
-==Probability (P)== 
-The probability or (mathematical) chance an incident will occur. The expectation is represented by ascribing a value from 0.1 to 10. 
-  * 0,1 Next to impossible / unthinkable 
-  * 0,2 Almost unimaginable 
-  * 0,5 Highly unlikely, but conceivable 
-  * 1 Unlikely, but possible in the long term 
-  * 3 Unusual (but possible) 
-  * 6 Possible 
-  * 10 To be expected 
- 
-==Severity (S)== 
-The factor severity indicates the possible damage, effects and consequences linked to a hazard. The scale reaches from 1 to 40. 
-  * 1 Slight effect 
-  * 3 Important effect 
-  * 7 Severe effect 
-  * 15 Very severe effect 
-  * 40 Disaster 
- 
-==Risk-index (R)== 
-The result of multiplying the parameters defines the risk-index: R = S x E x P. 
- 
-==Classification Risk-index== 
-  * R < 21 Slight risk; acceptable 
-  * 21 < R = 71 Little risk; attention required 
-  * 71 < R = 201 Moderate risk; apply simple measures 
-  * 20 < R = 401 High risk; apply large measures immediately 
-  * R > 401 Risk is too high; stop activities / operations 
- 
-===Example=== 
-Objective: Timely reporting to an external party. 
- 
-^ Asset          ^ Situation   ^ Event               ^ Measures taken      ^ Exposure  ^ Probability  ^ Severity  ^ Risk-index   ^ Additional measures    ^ 
-| Data supplier  | Unreliable  | Delayed delivery    | SLA                  3        |  6            7        |  126 (high)  | Meet supplier monthly  | 
-| Application    | Unavailble  | Delayed processing  | Incident procedure  |  3        |  0,5          1        | 1,5   (slight)       | None                   | 
- 
- 
-===Reference=== 
-Euronorm. [[https://www.euronorm.net/content/ce-marking/category/risk-analysis/fine-and-kinney-method.php|Fine and Kinney Method]]. 
- 
- 
- 
- 
- 
- 
  
data_quality_management_system/data_quality_risk_analysis.txt ยท Last modified: 2024/03/08 13:33 (external edit)

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution 4.0 International