About Henriette van Wijnen

This author has not yet filled in any details.
So far Henriette van Wijnen has created 113 blog entries.
11 07, 2019

ISO 31000 blog series – Recording and reporting

2019-08-02T11:53:27+02:00Blog|

Having walked through the previous ISO 31000 steps, we now come to the “Recording and Reporting” step. Recording is about recording information in a risk register, so that this information can then be reported to decision-makers. In a sense this is what the bowtie does best – it records risks which can then be reported [...]

4 07, 2019

CHASE – Visualizing cyber security vulnerabilities using bowties

2019-07-24T10:08:51+02:00Blog, Cyber security|

Guest blog by David Hatch from Process Safety Integrity Hazards 29 is Europe’s leading process safety forum. At this year’s event, industry expert Andy Geddes and CGE Partner David Hatch from Process Safety Integrity presented their new CHASE concept. Their work has developed a practical methodology for Computer Hazard And Security Evaluation. You can't defend [...]

24 06, 2019

End of life SharePoint add-on for BowTieXP

2019-06-24T11:16:25+02:00News|

We hereby announce that the BowTieXP SharePoint add-on will be End Of Life by the end of this year. The main reason for the EOL is that the maintenance on the add-on becomes very hard, because of (ongoing) changes to the way SharePoint works. In addition to that, nowadays, the basic Microsoft SharePoint functionality covers [...]

18 06, 2019

ISO 31000 blog series – Risk treatment

2019-06-18T13:24:35+02:00Blog|

This week’s blog is on Risk Treatment. It is an important step in completing the Plan-Do-Check-Act cycle for continuous quality improvement. Much like a doctor and her patient, before we can treat our operations, we need to diagnose what the problem is and where our treatment should be applied. Once the cure has been diagnosed, [...]

23 05, 2019

ISO 31000 blog series – Risk evaluation

2019-05-24T16:29:59+02:00Blog|

In the past blogs, we covered how to set the scope, identify major risks and analyze them using the bowtie methodology. In this edition, our focus is on evaluating the risk which was analyzed previously. It is possible to evaluate risks in different ways, divided into two categories, the qualitative and the quantitative way. Using [...]

13 05, 2019

A Mining Guest Blog Series by Jim Joy – Part 8: Identifying critical controls

2019-05-13T15:50:31+02:00Blog|

The 9-step Critical Control Management (CCM) process was shown in the last article with a discussion about the need to establish quality Control-Based Risk Management (CBRM) for priority unwanted events (step 3) before moving to CCM. This article will continue with the CCM process, presenting a variety of approaches to selecting potential critical controls (step [...]

9 05, 2019

LNER using bowtie to plan for contingency

2019-05-09T11:30:21+02:00News|

The London North Eastern Railway, formerly known as Virgin Trains East Coast, developed a bowtie to be used as both a risk assessment and a project plan. In case of a strike, the company has two weeks to organize contingency operations. Using the bowtie ensures the operations are just as safe as during normal operations. [...]

7 05, 2019

ISO 31000 blog series – Which factors should you consider during risk analysis?

2019-05-07T12:19:57+02:00Blog|

In our last blog, we briefly mentioned ISO 31000 guidelines on risk analysis and then introduced the bowtie methodology. In this week’s blog, we will explore this in more detail using the bowtie methodology. According to the ISO 31000 guideline, you should consider multiple factors during the risk analysis phase. As the International Organization of [...]

25 04, 2019

ISO 31000 blog series – Risk analysis

2019-04-25T11:40:37+02:00Blog|

In our previous blogs, we talked about risk identification. Walking through this process, you end up with a large list of potential incidents scenarios, in other words: a risk register. A question we often get is: “Do we need to make a bowtie for every risk identified?” Well, the answer is no. ISO 31000 recommends [...]