Risk modeling and simulations

Abstract

As risk management is becoming a central challenge of our time, modeling and simulation of risks is in turn becoming a basic tool being employed. This paper describes an approach to risk modeling at a level that is sufficiently general to allow direct application in simulation tools. The author's assumption is that risk is an attribute of human beings and not things or concepts. The model is based on the assumption that system processes (usually the model of business processes) and the input and output need to be divided into segments; similarly we need to make a segmentation for stakeholders whose risk we want to model and simulate. Parameters can be used to define individual processes. Processes include functions that calculate new values of parameters and output on the basis of given input. Based on given tolerance levels for risks, impacts, and process parameters, the model determines whether these levels are acceptable. The model assumes that parameters and functions are non-deterministic, i.e. parameters and functions may change in time. Such approach requires significantly more complex modeling and simulation. To what extent such modeling improves the quality of results, remains unanswered.