Establish framework for managing risk

Reference no: EM132988887

Part 1: Prepare for Risk Management ("Establish a Framework for Managing Risk")

List the corporate requirements (i.e., standards, laws) associated with the company. Briefly explain the impact of non-compliance.

Develop categories and a classification method for company information systems. List at least eight categories for various people, processes, hardware, software, and data applicable to the company. Describe the data/system classification scheme as well as the reasons for selecting it.

Part 2: Identify Risk ("Where is the Risk to My Information Assets")

List a minimum of 20 assets (data, systems, people, processes, etc.) and measure their value to the company (Low, Moderate, High, Critical) in a simple table.

In one column, identify assets that can impact company compliance, customer satisfaction, competitive advantage, or business productivity (i.e., Business Impact Analysis).

Part 3: Assess Risk ("How Severe is the Risk to My Information Assets")

Identify, measure (quantitative and qualitative), and mitigate key information technology risks. In addition, describe each of the tasks associated with risk framing, assessment, response and monitoring. Refer to risk models (e.g., NIST SP 800-39 Managing Information Security Risk).

Select the optimal risk assessment methodology based on corporate needs. Compare the advantages/disadvantages of your selected risk assessment methodology to others used in the industry.

Provide a diagram of the matrix that was used to assess risk.

For each asset, define the potential threats, the likelihood that each threat will occur or be successful, and the impact that loss of the asset will have on the company (Risk Mitigation Economics). Note: This includes disasters, loss of power, employee resignations, system malfunctions, drop-in customers, etc.

Using the vulnerability scan, list in a table a minimum of 15 identified threats (open vulnerabilities) to the information systems, the impact of each exploited vulnerability, and the remediation steps (countermeasures) to remove or reduce either the impact or the likelihood of the threat.

Part 4: Define Risk Appetite ("How Much Risk is Acceptable to My Organization")

Review the characteristics of a risk appetite within Chapter 6 of the course text.

Establish a Risk Appetite Statement for the company.

Define the Risk Tolerance of the company.

Part 5: Control Risk

Identify and describe the Risk Control Strategy adopted by the company. Ensure the strategy is in alignment with corporate requirements (standards, laws, frameworks, security policies, etc.) and risk appetite.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd