Preview

Risk Management in Information Technology Security

Satisfactory Essays
Open Document
Open Document
789 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Risk Management in Information Technology Security
IS3110 Risk Management in Information Technology Security STUDENT COPY: Graded Assignments
© ITT Educational Services, Inc.
All Rights Reserved. -73- Change Date: 05/25/2011

Unit 1 Assignment 1: Application of Risk Management Techniques
Learning Objectives and Outcomes
You will be able to identify different risk management techniques for the seven domains of a typical IT infrastructure and apply them under different situations.

Assignment Requirements
Introduction:
As discussed in this Unit, after IT professionals identify threat/vulnerability pairs and estimate the likelihood of their occurrence, IT management must decide which risk management techniques are appropriate to manage these risks. IT managers then present this information to the senior management.
The role of the senior management is to allocate resources, specifically money and employees, to prepare for and respond to identified threats and vulnerabilities appropriately.
This assignment allows you to fulfill the role of an IT manager in a small business tasked with determining appropriate risk management techniques for identified threats and vulnerabilities and to make related recommendations to senior management.
Read the scenario given below and then complete the given assignment tasks that are given:
Scenario:
YieldMore is a small agricultural company that produces and sells fertilizer products. The company operates through its headquarters in a small town in Indiana. Outside its headquarters, there are two large production facilities—one in Nebraska and one in Oklahoma. Furthermore, YieldMore employs sales force personnel in every state in the U.S. to serve its customers locally.
The company has three servers located at its headquarters—Active Directory Server, a Linux application server, and an Oracle database server. The application server hosts YieldMore’s primary software application, which is proprietary program managing inventory, sales, supply-chain, and

You May Also Find These Documents Helpful

  • Good Essays

    Risk Management

    • 622 Words
    • 3 Pages

    The Integrated Distributors Incorporated is a publically traded company that is facing many challenges. The company’s Information technology infrastructure has been ignored and many of its operating locations are running outdated hardware and software, which greatly increases the risk to the network in relations to confidentiality, integrity, and availability. Because of the outdated hardware and software, the company suffered some network compromises through their JV internet site and it led to disclosures of sensitive and strategic information.…

    • 622 Words
    • 3 Pages
    Good Essays
  • Powerful Essays

    Is3110 Week4 Lab1

    • 569 Words
    • 2 Pages

    3 How do risk management and risk assessment relate to a business impact analysis for an IT infrastructure?…

    • 569 Words
    • 2 Pages
    Powerful Essays
  • Satisfactory Essays

    Crisis Intervention

    • 257 Words
    • 2 Pages

    1. Tour 1st task of this qn is to comprehend the given case scenario below:…

    • 257 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    Project Baseline

    • 532 Words
    • 3 Pages

    There are many techniques in identifying risk, the most popular is brainstorming. Brainstorming is the preferred method because you have the opportunity work with different people in the organization to give you different perspectives. The goal of brainstorming is to cover every potential risk, without making judgment about their importance in the initial stage. A facilitator will brief the group on the purpose of the brainstorming session and the intended outcome. Members of the brainstorming team should be the one most familiar with the problems in the organization. The number of risk discussed during a session should be limited to ten because going past ten faults could lead to redundancy but always remember it is better to have more than ten risks because you never want to be in a position where you are not identifying enough risk (Cooper, Grey, Raymond, & Walker, 2005, Pg. 39).…

    • 532 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    In this assignment, you will be given a Request for Proposal (RFP) that includes a current IT policy…

    • 313 Words
    • 3 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Tags: sec402, sec 402, Cyber Security, sec 402 Cyber Security, strayer university, sec 402 strayer, sec 402 complete class, sec402 entire, sec 402 complete, sec 402 case study 1, case study, assignment, complete class, sec 402 Case Study 1 - The Critical Need for Information Security, sec 402 Assignment 1 - Developing the Corporate Strategy for Information Security, sec 402 Case Study 2 - Developing the Forensics, Continuity, Incident Management, and Security Training, sec402 Assignment 2 - Implementing Network and Personnel Security Measures, The Rookie Chief Information Security Officer, sec402 term paper The Rookie Chief Information Security Officer, sec 402 mid, sec402 midterm exam, sec 402 final, sec402 final exam, testbank, quiz bank…

    • 265 Words
    • 1 Page
    Satisfactory Essays
  • Best Essays

    Two factors increase the stakes of the cyber struggle. Tactically and operationally, the increasing dependence of modern technologically advanced forces (especially U.S. forces) on networks and information systems create new kinds of exploitable vulnerabilities. Second, as modern societies including the militaries that mirror them have continued to evolve, they have become ever more dependent on a series of interconnected, increasingly vulnerable “critical infrastructures” for their effective functioning. These infrastructures not only have significantly increased the day-to-day efficiency of almost every part of our society, but they have also introduced new kinds of vulnerabilities.…

    • 4737 Words
    • 19 Pages
    Best Essays
  • Powerful Essays

    “Businesses, governments, and other organizations face a wide array of information security risks. Some threaten the confidentiality of private information, some threaten the integrity of data and operations, and still others threaten to disrupt availability of critical systems” (Sullivan, 2009). Since such security risks are always going to present in the cyber world, businesses and organizations need to fully be aware of any vulnerabilities in their systems. The initial realization of any organization’s vulnerability can only first be understood through the knowledge of what vulnerability means. A vulnerability is a security weakness but not a security threat. It is what needs to be assessed in order to examine an organization’s network. One of the main network vulnerabilities facing IT managers today is the absence of encrypted data being transferred and received between uninformed users and the lack of knowledge and understanding within an organization’s internal structure.…

    • 1764 Words
    • 8 Pages
    Powerful Essays
  • Better Essays

    Enterprise Risk Management

    • 2131 Words
    • 9 Pages

    Vaidyula, S. A., Kavala, J. (2011). Enterprise Risk Management for Banks. Wipro Council for Industry Research.…

    • 2131 Words
    • 9 Pages
    Better Essays
  • Satisfactory Essays

    System Development

    • 746 Words
    • 3 Pages

    Information technology (IT) is defined as “any computer-based tool that people use to work with information and support the information and information-processing needs of an organization” (Haag, Cummings, 2013). An IT department has become a crucial aspect for businesses in today’s societies because it is not only they’re to help a business continue to develop new technology, but it is also there to help employees when needed. The use of software’s and databases has become more frequent in businesses and when software and databases get used more, there is even more of a need for an IT department.…

    • 746 Words
    • 3 Pages
    Satisfactory Essays
  • Good Essays

    Enterprise risk management

    • 1584 Words
    • 15 Pages

    Enterprise risk management ERM      Enhanced corporate governance document to effectively identify, assess and manage risk so organizations could improve the risk management process. Expands on internal control, providing a more robust and extensive focus on the broader subject of ERM Does not replace the internal control framework but it incorporates the internal control framework within it. Helps management set a strategy and objectives in order to effectively deal with uncertainty and associated risk and opportunity in order to create value. Incorporates rather than replaces.…

    • 1584 Words
    • 15 Pages
    Good Essays
  • Satisfactory Essays

    IT team – provide help regarding the organisations systems e.g. telephones, computers, laptops, date storage and security, networks, aiding customers to use it correctly improving their quality of work.…

    • 1212 Words
    • 5 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Project Pt 1

    • 338 Words
    • 2 Pages

    The Seven Domains of a typical IT infrastructure are as follows, with the corresponding security proposed for each domain.…

    • 338 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Is 305 Lab 1

    • 538 Words
    • 3 Pages

    One of the most important first steps to risk management and implementing a risk mitigation strategy is to identify known risks, threats, and vulnerabilities and organize them. The purpose of the seven domains of a typical IT infrastructure is to help organize the roles, responsibilities, and accountabilities for risk management and risk mitigation. This lab requires students to identify risks, threats, and vulnerabilities and map them to the domain that these impact from a risk management perspective.…

    • 538 Words
    • 3 Pages
    Satisfactory Essays
  • Good Essays

    assigment 3

    • 558 Words
    • 3 Pages

    For this assignment, using the situation given below, apply the S.W.O.T. Situational Planning Strategy which was described in Chapters 4 and 7 of your course text:…

    • 558 Words
    • 3 Pages
    Good Essays