Home » technology and calculating » arrange risk risks weaknesses essay

Arrange risk risks weaknesses essay

Download This Paper

a. Unauthorized access from community internet – HIGH

b. User destroys info in app and removes all data – LOW c. Workstation OS provides a known software vulnerability – HIGH deb. Communication signal outages – MEDIUM

e. End user inserts CD’s and UNIVERSAL SERIAL BUS hard drives with personal images, music and videos in organization held computers – MEDIUM installment payments on your

a. PO9. three or more Event Id – Identify threats with potential unfavorable impact on the enterprise, including business, regulatory, legal, technology, trading spouse, human resources and operational aspects. b. PO9. 4 Risk Assessment – Assess the chance and impact of risks, using qualitative and quantitative methods.

c. PO9. 5 Risk Response – Develop a response designed to mitigate experience of each risk – Recognize risk tactics such as prevention, reduction, acceptance – decide associated duties; and consider risk patience levels.

a. Unauthorized get from open public internet – AVAILABILITY

b. User destroys data in app and removes all data files – HONESTY c. Workstation OS includes a known application vulnerability – CONFIDENTIALITY m. Communication signal outages – AVAILABILITY

e. Customer inserts Compact discs and UNIVERSAL SERIES BUS hard drives with personal photos, music and videos in organization held computers – INTEGRITY some.

a. Unauthorized get from general public internet – Operating system, software patches, changes, change security passwords often , and hardware or perhaps software fire wall. b. Consumer destroys data in application and removes all data – Prohibit access intended for users to only those systems, applications, and data needed to perform their very own jobs. Decrease write/delete permissions to the data owner simply. c. Workstation OS includes a known application vulnerability – Define a workstation software software weeknesses window insurance plan. Update application software and security spots according to defined policies, standards, techniques, and guidelines. d. Interaction circuit outages – the role of countermeasures against catastrophic failures is not to eliminate all of them which is impossible, but to decrease their rate of recurrence and intensity. e. User inserts CD’s and UNIVERSAL SERIES BUS hard drives with personal photographs, music and videos in organization owned or operated computers – Disable interior CD

drives and USB plug-ins. Enable programmed antivirus tests for injected media drives, files and e-mail attachments. An malware scanning program examines brand new files with your computer’s harddrive for viruses. Set up anti-virus scanning to get e-mails with attachments. The Risk Management Process

a. Step one Identify the hazards

b. Step 2 Decide who have might be harmed and how

c. Step three Evaluate the hazards and choose precautions

d. Step 4 Record your findings and implement them

elizabeth. Step 5 Review your assessment boost if necessary

5.

a. Danger or Weeknesses #1:

* Details – Interpersonal engineering/ set up web blocking software. 2. Application – Malicious and non-malicious hazards consist of inside attacks by disgruntled or perhaps malicious personnel and outside episodes by nonemployees just trying to harm and disrupt a great organization/ computer security, software program quality, and data quality programs. 5. Infrastructure – Terrorist organizations, both international and domestic/Natural forces such as time, weather conditions and disregard. * Persons – Reckless employees/Educating users

b. Threat or Vulnerability #2:

* Information – Intentional/Unintentional Action, electric battery backup/generator, writing file system and RAID safe-keeping * Application – Computer software bugs/ malicious act, antivirus security and network firewalls * Infrastructure – Power inability, Hardware failure/security fixes and system patches * Persons – malevolent act/ Training users

c. Threat or perhaps Vulnerability #3:

5. Information – zero-hour or perhaps day zero/ Zero-day safety, Secure Plug Layer (SSL) * Software – Keeping the computer’s application up-to-date 2. Infrastructure – malicious software/analyze, test, statement and mitigate. * People – Reckless employees/Educating users

6. True or Phony – COBIT P09 Risikomanagement controls goals focus on analysis and administration of IT risk. 7. Why is it important to address each identified threat or weeknesses from a C-I-A perspective?

8. Once assessing the chance impact a threat or vulnerability is wearing your “information” assets, why must you line up this analysis with your Data Classification Standard? How can an information Classification Normal help you measure the risk impact on your “information” assets?

9. When examining the risk impact a danger or weakness has on the “application” and “infrastructure”, for what reason must you align this analysis with both a server and application computer software vulnerability assessment and remediation plan?

12. When examining the risk effects a threat or weeknesses has on the “people”, we could concerned with users and workers within the Consumer Domain as well as the IT secureness practitioners who must apply the risk minimization steps identified.

How can you talk to your end-user community that the security threat or weeknesses has been identified for a production system or application? How will you prioritize risk remediation duties?

11. Precisely what is the purpose of making use of the COBIT risk management framework and approach? Assess the likelihood and impact of risks, applying qualitative and quantitative strategies.

12. What is the difference among effectiveness vs efficiency once assessing risk and risikomanagement? Effectiveness can be following the instruction of a specific job while efficiency does the teaching in reduced time and cost. They say Effectiveness is doing what’s right and efficiency does things rightly done.

13. Which three of the seven focus areas pertaining to IT risk management are primary concentrate areas of risk assessment and risk management and directly connect with information program security?

16. Why is it important to assess risk impact by four several perspectives as part of the COBIT P09 Framework? That assigns responsibility.

15. Precisely what is the name of the corporation who identified the COBIT P09 Risikomanagement Framework Explanation? Information Systems Audit and Control Relationship (ISACA).

1

< Prev post Next post >

Related Documents:

  • Drawbacks of social media essay

    Creating a social network or using online social network might deliver a lot of advantages for students but it is not all sunshine and roses since everything in every area of your life will have this own advantages and disadvantages. Thus, the first cons for employing social network will be it can lessen one learning […]

  • What is system research and style essay

    Systems Analysis and Style (SAD) is an exciting, lively field by which analysts constantly learn fresh techniques and approaches to develop systems better and successfully. In business, SAD refers to the examining a company situation with the intent of improving that through better procedures and methods. System analysis and design relates to shaping businesses, improving […]

  • Generations of computer essay

    The development of the included circuit was the hallmark with the third technology of personal computers. Transistors had been miniaturized and placed on silicon chips, named semiconductors, which usually drastically increased the speed and efficiency of computers. A chip is known as a small item of semi performing material(usually silicon) on which a built-in circuit […]

  • Payroll literature review essay

    In linen industry, top quality is closely related to staff performance. An essential feature of any successful factory can be motivated employee. Therefore the performance of an staff towards his or her place of work as well as the extent to which an employer, owner or administrator is able to motivate employees may possibly have […]

  • Internet censorship essay 2

    NET CENSORSHIP Internet censorship is subjected to governmental control to keep programs inoffensive for the public. This controls the ideas and information in a society. The question is if govt should be allowed full power on the net. Is it entirely fine allowing the government to make the decision the information we access and does […]

  • On line real estate system essay

    1 . 0 Subjective Currently in the housing sector where there is usually availability of rentals and bedrooms to rent, the customers encounter a great concern in moving around looking for properties which selection their requirements from three bedroom rentals to sole rooms. This kind of takes a wide range of time and resources since […]

  • Recommended capstone job essay

    To implement the device in an on the web environment. To design a database that will organize blotter related info and documents. To provide a search facility for finding and filtering of documents. To include a module that may facilitate modernizing of reported blotters. To generate statistical reports pertinent intended for decision making. Project Description […]

  • Computerized enrollment program essay

    INTRODUCTION As the generation transform past, technology innovation is likewise past changing mostly the computers. Computer system benefits like the way of applying certain application for workplace or task works, to get record keeping purpose or even communication. In addition, computer performs various responsibilities accurately, quickly and efficiently. This is very user-friendly that caters all […]

  • The marketing strategy of wii essay

    The Wii can be described as home video gaming console, launched in the main global marketplaces at the end of 2006. It truly is released by Nintendo, which is one of the most influential and reputable leading company in the planet’s game industry with older history, unique brand culture and loyal supporters. Over the past […]

  • Srs for passport essay

    The perfect structure of online passport registration gives security for the passports to get registered exactly where in we are able to fill all the details in an successful and easy fashion. A passport is a document, issued with a national Govt. This certifies, for the purpose of intercontinental travel, the identity and nationality of […]

  • Management information systems essay

    This newspaper will talk about the local business of Fascinations Beauty Salon, as well as the internet tactical model to help develop the corporation. This business will have to have a new approach that create for the viable rewards. Fascinations Beauty Salon will need to be prepared in order to gain from creating a web […]

Need writing help?

We can write an essay on your own custom topics!