The risk is something that every organisation must face on their business operations. These risk may include operations risk, financial risk, safety risk, environmental risk, etc. Since the risk cannot be avoided, then the only way to face with it is by controlling the risk into the as low as reasonably possible state. We called this approach as Risk Management.
The Risk Management is a single term that cover some processes that related to risk prevention, mitigation and controls including risk assessment, risk audit and stewardship.
In Industrial Control System (ICS) environment, the risk can also be in the form of safety risk (personal and organisational), operations risk (continuous operations and operations performance), financial risk (losses opportunity and cost incurred), environmental risk (spill, pollution, catastrophic incident such as fire explosion) and some other type of risk.
The Risk Management in ICS environment should be performed as the way to ensure the continuous operations of the business activities, since the ICS has the critical function related to the plant operations and performance.
“ICS Risk Management and Assessment” training cover the integrated concept and real work approach of the risk management framework, risk preparation phase, risk assessment workshop, mitigation and controls strategy, implementation and stewardship from the information security perspective (that also has integrated approach to HSE concern) in order to develop the robust controls security management to reduce the risk into ALARP level and maintain the risk on its “safety” operating window in ICS environment.