User Account

All Pages

Implement the methodology of the information technology

Assignment Help Computer Network Security
Reference no: EM131479741

PURPOSE

This document contains instructions to implement the methodology described in Section 6 (Risk Assessment) of the Information Technology (IT) Risk Management Guideline. This document is Appendix D of that Guideline, and is published under separate cover because of its size. This template does not stand alone and should be read only in conjunction with the Guideline.

The purpose of this document is to assist each Commonwealth of Virginia (COV) Agency in assessing the risks to its sensitive IT systems and data, and protecting the resources that support the Agency's mission. These instructions are based on the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-30, "Risk Management Guide for Information Technology Systems" and contain a recommended format for COV risk assessments.

The example risk assessment in this document:

1. Does not document compliance with all requirements of the COV ITRM IT Security Policy, IT Security Standard and IT Security Audit Standard. These omissions are designed to illustrate control weaknesses, and must not be construed to relieve any COV Agency of its responsibility to comply with all applicable requirements of IT Security Policy, IT Security Standard and IT Security Audit Standard.

2. Contains the names of fictional individuals, corporations, and products. No similarity to any actual persons, living or dead, nor to any actual corporation or product, past, present, or future, is intended. In addition no such similarity to any actual corporation or product, past, present, or future may be construed to represent an endorsement of any such corporation or product.

FORMAT

This document uses different fonts for instructions and examples, as follows:
- Times New Roman text, including all of the text in this section, is provided as instructions for completing a risk assessment.
- Arial Bold text inside a shaded text border is example text. In the examples, the template uses a fictional system called the Budget Formulation System (BFS), owned and operated by the Financial Operations Division (FOD) of a fictional agency called the Budget Formulation Agency (BFA). Times New Roman italic text is provided as background information. It is provided for better understanding of how to complete each section of the Risk Assessment Report, or so that the author knows to extend or replicate a section, such as by adding Agency-specific threats or vulnerabilities to the risk matrix.

This document consists of two primary sections:
o An example risk assessment, with instructions and explanatory material for BFS. This section is intended to provide guidance to COV agencies on how to complete risk assessments of their sensitive IT systems.
o A blank Risk Assessment Report containing the section headings and tables from the recommended format Risk Assessment Report, but no content. This section is intended for use by COV agencies in completing Risk Assessment Reports for their sensitive systems.

Reference no: EM131479741

Questions Cloud

Employee commitments to other companies : Discuss important elements of agency law related to employee commitments to other companies.
The human resources management in public sector : Discuss how you would drive change in the human resources management in public sector to ensure that it succeeds. What would be your key areas of focus and why?
Describe and define the scope of the project : Describe and define the scope of the project. Speculate as to how to control the scope. Identify possible risks, constraints, and assumptions.
Evaluate the concept of market competitiveness : Evaluate the concept of market competitiveness in relation to an organization's pay system, particularly when it is unable to offer.
Implement the methodology of the information technology : Information Technology Risk Management- Implement the methodology described in Section 6 (Risk Assessment) of the Information Technology (IT) Risk Management
Discuss why the current health care system is in turmoil : Identify two major problems of health care and analyze the impact of each of the chosen problems on consumers and the community.
Prepare a use-case description for each major use case : Develop a use-case description for each major use case. Create a high-level requirements document which captures the major functions of the system.
What is change in government revenue compared with nafta : Redraw the graph of trade diversion (Figure) with the S'Mex curve intersecting the MUS curve between points A and D.
What happens in stages d e m for a store instruction sw : Assume that registers are written in the 1st half of the clock cycle. Write the RTL code describing what happens in stages D, E, M for a store instruction SW.

Reviews

Write a Review

Computer Network Security Questions & Answers

  What issues can arise during admission of digital evidence

The DQ response should be between 500 words, and grammar and spelling are important. Please make sure to proofread carefully!

  Explaining level of cyberphobia in workplace

After completing the Unit reading on the subject, give your sense of the level of cyberphobia in the workplace and your suggestions on dealing with it as an IT manager.

  Udp and tcp use 1s complement for their checksums

Suppose you have the following 2 bytes: 01011100 and 01010110. What is the 1s complement of the sum of these 2 bytes?

  Ethical concerns in computing

Ethical Concerns in Computing

  Security management

Choose a topic from your major field of study. For example, if you pursuing a degree in education, your topic will come from the education field.

  Compute value of shared secret key

You have secretly picked value SA = 17. You begin session by sending Bob your computed value of TA. Bob responds by sending you value TB = 291. What is the value of your shared secret key?

  List and explain key objectives of information security

Information security is used to describe the tasks of protecting information in a digital form. List and explain three key objectives of information security. Also list and explain at least two additional protections (concepts)to present a complete v..

  How asymmetric cryptography is used to provide encryption

Briefly compare and contrast how asymmetric cryptography is used to provide encryption as opposed to how it can be used to provide a digital signature.

  Evaluate ability of different cloud computing architectures

Provide an Information Security assessment on your chosen provider using the techniques proposed by Ramgovind etal, and the ASD Cloud Computing Security Considerations as your primary references.

  Describes the five phases of an attack

CSIS 343- Our text describes the five phases of an attack, and we'll be discussing all those phases in this course. Although the phases from the text represent a generalized attack framework

  Which of the following values is the maximum end-to-end

which of the following values is the maximum end-to-end transit time that can adequately support voice traffic on a

  Current malware activity

Question: Of the top threats, how many can be classified as viruses? Worms? Trojans? Question: How many of them were discovered today? In the past week? How many are at least 1 year old?

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd