Preview

IS 3110 lab 4 questions

Good Essays
Open Document
Open Document
403 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
IS 3110 lab 4 questions
1. What is the goal or objective of an IT risk assessment?
The aim of the risk assessment process is to remove a hazard or reduce the level of its risk by adding precautions or control measures, as necessary. By doing so, you have created a safer and healthier workplace.
2. Why is it difficult to conduct a qualitative risk assessment for an IT infrastructure?
It is difficult to conduct a qualitative risk assessment for an IT infrastructure because it determines the level of risk based on the probability and impact of the risk. You determine these values by gathering the opinions of experts.
3. What was your rationale in assigning “1” risk impact/risk factor value of “Critical” for an identified risk, threat or vulnerability?
The “1” risk, threat, or vulnerability impacts compliance and places the company in position of increased liability but is not as critical as “2” or ‘3.”
4. When you assembled all of the “1” and “2” and “3” risk impact/risk factor values to the identified risks, threats, and vulnerabilities, how did you prioritize the “1”, “2”, and “3” risk elements? What would you say to the executive management in regards to your final recommended prioritization?
a) Critical – a risk, threat, or vulnerability that impacts compliance and
i. places the organization in a position of increased liability.
b) Major – a risk, threat, or vulnerability that impacts the C-I-A of an organization’s intellectual property assets and IT infrastructure.
c) Minor – a risk, threat, or vulnerability that can impact user or employee productivity or availability of the IT infrastructure.
This prioritization is what is best because you want to know the highest level of vulnerability to the lowest.
5. Identify a risk mitigation solution for each of the following risk factors:
a) User downloads and clicks on an unknown e-mail attachment. – Restrict user access and set it up so the user has to get authorization for downloads
b) Workstation OS has a known software vulnerability. –

You May Also Find These Documents Helpful

  • Satisfactory Essays

    2. Why is it difficult to conduct a qualitative risk assessment for an IT infrastructure?…

    • 339 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    IS3110 Risk Management

    • 663 Words
    • 3 Pages

    Answer : The importance of to prioritizing risks in an IT infrastructure, is because you must be aware of what are the risks, the threats, and vulnerabilities to your infrastructure. By prioritizing immediately you know where the weakest point in your network is, and it can be addressed more quickly, to lessen the chance of a break in.…

    • 663 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    Describe potential risks to the information and the related vulnerabilities within the organization. Identify the forces that drive each threat and the related vulnerabilities.…

    • 627 Words
    • 4 Pages
    Satisfactory Essays
  • Good Essays

    Is 305 Week 3 Quiz

    • 577 Words
    • 3 Pages

    Using the workstation domain, define risks associated within that domain and explain what can be done to reduce risks in that domain.…

    • 577 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    Unit 7 Lab

    • 293 Words
    • 2 Pages

    3. How does risk management and risk assessment relate to a business impact analysis for an IT infrastructure?…

    • 293 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    File11

    • 466 Words
    • 2 Pages

    This assignment allows you to fulfill the role of an IT manager in a small business tasked with determining…

    • 466 Words
    • 2 Pages
    Good Essays
  • Better Essays

    It Risk Analysis Case Study

    • 4910 Words
    • 20 Pages

    Below is a list of risks that have been identified by us, each list is separated by category, in which each category will list…

    • 4910 Words
    • 20 Pages
    Better Essays
  • Good Essays

    Chapter 3 notes

    • 2990 Words
    • 12 Pages

    8/30/2012 Mike Meyers’ CompTIA Network+® Guide to Managing and Troubleshooting Networks, Third Edition (Exam N10-005) Mike Meyers’ CompTIA Network+® Guide to Managing and Troubleshooting Networks, Third Edition (Exam N10-005) Protecting Your Network Objectives Chapter 16 • Discuss the common security threats in network computing • Describe the methods for securing user accounts • Explain how firewalls, NAT, port filtering, and packet filtering protect a network from threats © 2012…

    • 2990 Words
    • 12 Pages
    Good Essays
  • Powerful Essays

    11. Differentiate between systematic risk and unsystematic risk and discuss the various components of latter.…

    • 1087 Words
    • 5 Pages
    Powerful Essays
  • Good Essays

    Risk management

    • 865 Words
    • 3 Pages

    Compare and contrast the advantages and disadvantages of pro-active & reactive management of IT risks based upon the reading assigned by Baccharini "The Risk Ranking of Projects". Let's discuss these, based upon your assigned readings, with the entire class! Upload your 3 paragraph response here and in your Assignment Folder for grading, and respond to other Graduate student postings in this whole-class Conference.…

    • 865 Words
    • 3 Pages
    Good Essays
  • Powerful Essays

    Regency Plaza Case Study

    • 2629 Words
    • 11 Pages

    Risk assessment: " evaluating the risk to assess the range of possible outcomes in relation to the project and the potential impact of each of these" (AOU, 2013, session)…

    • 2629 Words
    • 11 Pages
    Powerful Essays
  • Powerful Essays

    If IT’s strategic position within the organization is weak, all IT functions and roles will be diminished from what they should be. IT’s responsibilities and activities should flow from, and support, the organization’s operating objectives.…

    • 2473 Words
    • 10 Pages
    Powerful Essays
  • Good Essays

    Over and over again the Standards specify what internal auditors should provide assurance and consulting on – the scope of internal auditing (governance, risk management and control processes).…

    • 653 Words
    • 3 Pages
    Good Essays
  • Better Essays

    System Security

    • 1174 Words
    • 5 Pages

    An exposure is a security-related situation, event or fact that may be considered vulnerability by some people but not by others.…

    • 1174 Words
    • 5 Pages
    Better Essays
  • Powerful Essays

    Risk Management

    • 1423 Words
    • 6 Pages

    • Business / Operational • Focuses on the risks a business takes to maximise shareholder wealth…

    • 1423 Words
    • 6 Pages
    Powerful Essays

Related Topics