Preview

Information System Risks

Better Essays
Open Document
Open Document
1562 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Information System Risks
Information System Risk Management

Claudia I. Campos

CJA 570 Cyber Crime and Information Systems Security

July 5, 2010
Steven Bolt
Abstract
The realization of potential risks to an organizations information system has been increased in the past few years. The principles of risk management, vulnerabilities, internal threats, and external threats is the first step in determining which levels of security are necessary to protect and limit the risks to an organizations information system. This essay will describe the principles of risk management as they pertain to the information system and its associated technology of Professional Security Training School. Moreover, this essay will include an exploration of the vulnerabilities of their system, and specifically address the nature of potential internal and external threats, including natural or unintended events that can jeopardize the system. Finally, it will determine what levels of security are appropriate to secure the information system while allowing a maximum amount of uninterrupted workflow.
Information System Risk Management Businesses realize that the security of their information system is a major part for an organization in the continued pursuit of organizational operations and providing services. The principles of risk management, identification, assessment, and prioritization must be determined by management prior to establish and implementing levels of information system security. In addition, vulnerabilities, internal threats, and external threats must be uncovered and addressed to secure the information system. Establishing different levels of security to secure the information system of Professional Security Training School (PSTS) will limit potential security threats. In analyzing the information system risks of PSTS, decisions must be made to deter or limit potential security threats, which are the client database, staff accessibility, and client privacy.
Risk Management


References: Choice Point Government Services. (September 2009). Texas Multiple Award Schedule. TXMAS-3-520010. Retrieved from http://www.choicepointgov.com/texas.pdf Gasser, M. (1988): Building a secure computer system; Cambridge University Press. Retrieved from http://nucia.unomaha.edu/dspace/documents/gasserbook.pdf United States Department of Agriculture. (February 2005). USDA Risk Management Methodology. DM 3540-001. Retrieved from http://www.ocio.usda.gov/directives/doc/DM3540-001.pdf
Continue Reading
View Writing Issues

You May Also Find These Documents Helpful

  • Better Essays

    Kudler Fine Foods IT Security Report FINAL WEEK 5
    • 2101 Words
    • 8 Pages

    Kudler Fine Foods IT Security Report FINAL WEEK 5

    To properly secure an information system means protecting its files and other confidential information from misuse. The current speed of technological growth requires ever evolving security measures to follow these developments. As the members of Team “A” set out to address this need, it was necessary to discuss the requirements. The foundation of all concrete security plans require a detailed knowledge of all current systems, the tools needed to accomplish security needs and employee training. The implementation of these requirements will be outlined within a final Security Presentation.…

    • 2101 Words
    • 8 Pages
    Better Essays
    Read More
  • Powerful Essays

    IS3110 U5L1
    • 912 Words
    • 4 Pages

    IS3110 U5L1

    One of the most important first steps to risk management and implementing a security strategy is to identify all resources and hosts within the IT infrastructure. Once you identify the workstations and servers, you now must then find the threats and vulnerabilities found on these workstations and servers. Servers that support mission critical applications require security operations and management procedures to ensure C-I-A throughout. Servers that house customer privacy data or intellectual property require additional security controls to ensure the C-I-A of that data. This lab requires the students to identify threats and vulnerabilities found within the Workstation, LAN, and Systems/Applications Domains.…

    • 912 Words
    • 4 Pages
    Powerful Essays
    Read More
  • Good Essays

    Nt1330 Unit 3 Assignment 1
    • 801 Words
    • 4 Pages

    Nt1330 Unit 3 Assignment 1

    This report gives a brief description the general security solutions planned for the safety of data and information that belongs to the organization. The outline will provide elements of a multi-layered security plan, and will indicate a general security solution for each of the seven domains of a typical IT infrastructure. Also I will describe a layer of security for each of the seven domains.…

    • 801 Words
    • 4 Pages
    Good Essays
    Read More
  • Satisfactory Essays

    It205 Capstone Question
    • 633 Words
    • 3 Pages

    It205 Capstone Question

    In modern business, information and enterprise systems are becoming major backbones, relied upon for function, communication and longevity. Even smaller businesses have become dependent on computers for operations as well as management of information, from everything from billing, stock levels, to payroll. With the growing demand and need for computer systems and networks, issues begin to arise with systems security. Viruses, Trojan horses, worms, hackers, as well as internal security issues can plague a business. This paper will cover some of the basic concepts for system security, and possible threats.…

    • 633 Words
    • 3 Pages
    Satisfactory Essays
    Read More
  • Powerful Essays

    Is4231 Week 5
    • 3436 Words
    • 14 Pages

    Is4231 Week 5

    Evaluate the internal and external factors that influence the activities and organization of an information security program List and describe the typical job titles and functions performed…

    • 3436 Words
    • 14 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    Doa's It System Risk Analysis
    • 1633 Words
    • 7 Pages

    Doa's It System Risk Analysis

    Is a high integrity, medium availability for DoD ISs handling information that is important to the support of deployed and contingency forces. The consequence of loss of integrity is unacceptable. Loss of availability is difficult to deal with and can only be tolerated for a short time.…

    • 1633 Words
    • 7 Pages
    Powerful Essays
    Read More
  • Good Essays

    NT2580 Project part 1
    • 606 Words
    • 3 Pages

    NT2580 Project part 1

    Safety of data and information is a real important aspect of a company. Before we can create an outline for general security solutions we must first define what is needed. I recommend that we use a multi-layered security plan. There are a total of seven domains of an IT infrastructure including user domain, workstation domain, LAN domain, LAN-to-WAN domain, WAN domain, remote access domain, and system/application domain.…

    • 606 Words
    • 3 Pages
    Good Essays
    Read More
  • Powerful Essays

    Nt1310 Unit 1 Assignment 1
    • 1434 Words
    • 6 Pages

    Nt1310 Unit 1 Assignment 1

    Information has become the most valuable asset of any organization. And keeping that information secure is a major factor in the design and development of any computer system. Security is defined by Merriam-Webster as “the state of being protected or safe from harm”. It is up to every organization to insure that their data is protected, and that nothing that is harmful to the company or its clients is compromised.…

    • 1434 Words
    • 6 Pages
    Powerful Essays
    Read More
  • Good Essays

    Unit 242 It Security for Users
    • 793 Words
    • 4 Pages

    Unit 242 It Security for Users

    | Describe ways to protect hardware, software and data and minimise security riskThere are steps to prevent threats to system and information: access to information sources should be allowed with Username and password/PIN selection. The system set up on password strength; how and when to change passwords (monthly); online identity/profile; Real name, pseudonym; what personal information to include, who can see the information; Respect confidentiality, avoid inappropriate disclosure of…

    • 793 Words
    • 4 Pages
    Good Essays
    Read More
  • Satisfactory Essays

    Is 305 Lab 1
    • 538 Words
    • 3 Pages

    Is 305 Lab 1

    One of the most important first steps to risk management and implementing a risk mitigation strategy is to identify known risks, threats, and vulnerabilities and organize them. The purpose of the seven domains of a typical IT infrastructure is to help organize the roles, responsibilities, and accountabilities for risk management and risk mitigation. This lab requires students to identify risks, threats, and vulnerabilities and map them to the domain that these impact from a risk management perspective.…

    • 538 Words
    • 3 Pages
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    Discussion Paper Chapter 3
    • 280 Words
    • 2 Pages

    Discussion Paper Chapter 3

    Security is a business issue because companies have very valuable information assets to protect. Business must protect not only their own information assets but also those of customers, employees, and business partners. Failure to do so may open the firm to costly litigation for data exposure or theft. Systems often hold confidential information about customers information( social security, date of birth, credit card information, taxes), corporate operations, new product development plans, marketing strategies. These information assets have tremendous value for the companies and can be devastating if they are lost, destroyed, disturbed or placed in wrong hands.…

    • 280 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    Cmgt 430 Enterprise Security Research Paper
    • 2331 Words
    • 10 Pages

    Cmgt 430 Enterprise Security Research Paper

    This Learning Team Project requires students to develop a semi-quantitative, weighted analysis that generates a comprehensive threat/vulnerability analysis of enterprise security, along with appropriate security measures and recommendations. Additionally, the readings provide background information supporting various techniques, as well as how to do assessments, how to create rankings, and so forth. These readings should be previewed as early as possible, rather than waiting for the specific week. The Enterprise Security Plan is due in Week…

    • 2331 Words
    • 10 Pages
    Satisfactory Essays
    Read More
  • Powerful Essays

    Security Awareness Policy
    • 1733 Words
    • 3 Pages

    Security Awareness Policy

    with IS security policies by signing a compliance agreement that is retained in their personnel…

    • 1733 Words
    • 3 Pages
    Powerful Essays
    Read More
  • Good Essays

    Computer Specialist Career
    • 525 Words
    • 3 Pages

    Computer Specialist Career

    A computer security career is a highly diverse and important position, where you could work anywhere from a College Campus to a Hospital Administration building, all the way up to the Government Agencies all over the world. With so many new businesses’ opening daily, worldwide, the job market will be forever expanding. Whenever a business’s computer system acts up it’s the job of their computer security specialist to carefully take all the required steps to identify and resolve the specific issue, combining many people into one, saving the company lots of money. These specialists have and exceptional and advanced overall knowledge of all things computer.…

    • 525 Words
    • 3 Pages
    Good Essays
    Read More
  • Better Essays

    Cmgt400 Week 3
    • 1752 Words
    • 8 Pages

    Cmgt400 Week 3

    Whitman, M., & Mattord, H. (2010). Management of Information Security (third ed.). Pittsburgh, PA: Cengage Learning.…

    • 1752 Words
    • 8 Pages
    Better Essays
    Read More

Related Topics