User Account

All Pages

Determining the likelihood and impact of occurrence

Assignment Help Business Management
Reference no: EM13307095

Case Study: Determining the Likelihood and Impact of Occurrence

One of the most challenging aspects of a risk assessment is determining the likelihood of occurrence and impact. NIST SP 800-30 defines the likelihood of occurrence as follows: A weighted risk factor based on an analysis of the probability that a given threat source is capable of exploiting a given vulnerability (or set of vulnerabilities). For adversarial threats, an assessment of likelihood of occurrence is typically based on: (i) adversary intent; (ii) adversary capability; and (iii) adversary targeting. For other than adversarial threat events, the likelihood of occurrence is estimated using historical evidence, empirical data, or other factors. Organizations typically employ a three-step process to determine the overall likelihood of threat events:

Image Organizations assess the likelihood that threat events will be initiated (for adversarial threat events) or will occur (for non-adversarial threat events).

Image Organizations assess the likelihood that the threat events, once initiated or occurring, will result in adverse impacts or harm to organizational operations and assets, individuals, other organizations, or the nation.

Image Organizations assess the overall likelihood as a combination of likelihood of initiation/occurrence and likelihood of resulting in adverse impact.

Identify two threat sources-one adversarial and one non-adversarial-that could exploit a vulnerability at your school or workplace and would result in disruption of service. An adversarial event is the intentional exploitation of a vulnerability by criminal groups, terrorists, bot-net operators, or disgruntled employees. A non-adversarial event is the accidental exploit of a vulnerability, such as an undocumented process, a severe storm, or accidental or unintentional behavior.

1. For each (using your best judgment), answer the following questions:

a) What is the threat?

b) What is the threat source?

c) Is the source adversarial or non-adversarial?

d) What vulnerability could be exploited?

e) How likely is the threat source to be successful and why?

f) If the threat source is successful, what is the extent of the damage caused?

2. Risk assessments are rarely conducted by one individual working alone. If you were hosting a workshop to answer the preceding questions, who would you invite and why?

Reference no: EM13307095

Questions Cloud

Department of health and human services : The United States Department of Health and Human Services (DHHS) is absolutely huge, representing an $879 billion budget and 300 separate programs. DHHS carries out these programs through eleven public health service operating divisions. Select any t..
Analyze the situation using hofstede''s original four dimen : 1.Individually: Select a situation that is currently in the news that involves two or more cultures. Analyze the situation using Hofstede's original four dimensions, plus the universalism/particularism and task/relationship dimensions.
Write a program that requests a person weight and height : Write a program that requests a person's weight and height as input and displays the person's body mass index.
Compute the difference in design curve lenghts for designs : The curve is to be redesigned for a 70 mph design speed in the year of 2025. Vehicle braking technology has advanced so that the recommended design deceleration rate is 25% greater that the 2011 value used to develop
Determining the likelihood and impact of occurrence : Case Study: Determining the Likelihood and Impact of Occurrence
Determine how many unique combinations can be formed : A. List of all possible resistance combinations that can be formed with these springs. indicate drawings and calculation of each unique configuration. B. How many unique combinations can be formed
What is the rise in water surface : A cylindrical container filled with water having a cross section 0.04 m^2 is placed on a scale, What is the rise in water surface after the ball is put in the water compared to before
Prepare an er diagram for the database : Prepare an ER diagram for the database described below(using crows foot notation). Be sure to identify all required entities, attributes, and relationships (including cardinalities). State any assumptions you make, and indicate a primary key for e..
What is a predefined control event : What is a predefined control event? Discuss its usage in programming.

Reviews

Write a Review

Business Management Questions & Answers

  Evaluating e-commerce hosting services

Evaluating E-Commerce Hosting Services

  Example on performance management

Show how effective is the performance management system and give me three ways in which it can become improved.

  Discuss the global corruption barometer

Discuss the global corruption barometer and explain and discuss the ratings for the region in which your selected country is located.

  Explain your mne with a brief business plan

Create a fictional MNE which manufactures an imaginary product and choose a country in which to conduct FDI. Explain your MNE with a brief business plan.

  Business case study on alliant energy

What are the issues and problems facing the company? (Sort them by importance and urgency.) What is the primary problem for the company/organization in this case?

  Explain the firm and tell us why it isn''t responsive

Explain the firm and tell us why it isn't responsive and What are the consequences if a firm chooses to ignore such stakeholder groups

  Explain is there a difference among someone having capacity

Explain What rights do you believe are possessed by incompetent persons? Explain Is there a difference between someone having capacity to make decisions and being competent to make decisions?

  Calculating financial advantage of dropping the product

Calculate the financial advantage or disadvantage of dropping the product given its current performance.

  Re-engineering an organization into cross-functional teams

Expalin the resistance to change at the organization and individual levels that you will likely encounter

  Illustrate what are the new overall npv-roi and bep

Explain how do I present three possible decision alternatives to address the problem regarding the whistles that were found to have too much lead in them.

  Internal controls and corporate governance

The potential ramifications of your decision and based on your choice of action, what the perceived corporate governance of the company would be to the public

  Assesses the organization overall alignment

As a new leader, you must prepare a report for the CEO that assesses the organization's overall alignment between its vision, mission, values, and strategy. This report should consist of the following sections:

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd