IS3110 PP1T
Defense Logistics Information Services
(DLIS)
A Department of the Defense Logistics Agency
Tom Fletcher, Dave Kobol, Alejandro, Aliue
Risk Assessment
1.1 Purpose
This plan documents the processes, tools and procedures that will be used to manage and control those events that could have a negative impact on DLIS. It’s the controlling document for managing and controlling all project risks. This plan will address:
• Risk Identification
• Risk Assessment
• Risk Mitigation
• Risk Contingency Planning
• Risk Tracking and Reporting
Appendix A will present the risk impact assessment matrix and appendix B will present a sample of the risk register.
1.1 Introduction
With the development of computer networks, the spread of malicious network activities poses great risks to the operational integrity of many organizations and imposes heavy economic burdens on life and health. Agencies within and those that supports the federal government are particularly at substantial risk for cyber attacks. Therefore, risk assessments are very important for network security management and analysis. The DLIS systems that connect via LAN and WLAN with the DLA network will be within the scope of this assessment.
1.2 Scope
The scope includes the DLIS information systems and network. It also includes the personnel operating with the DLIS information systems and network. These personnel and upper management are responsible for the implementation and maintenance of the recommendations made herein. Further, the boundaries include the DLIS information systems including the information stored digitally and transmitted within the network components. Critical areas are the web, databases and firewalls.
2 Roles and Schedule
2.2 Risk Responsibilities
The responsibility for managing risk is shared amongst all the stakeholders of the project. However, decision authority for selecting whether to proceed with mitigation strategies and implement contingency actions, especially those
(DLIS)
A Department of the Defense Logistics Agency
Tom Fletcher, Dave Kobol, Alejandro, Aliue
Risk Assessment
1.1 Purpose
This plan documents the processes, tools and procedures that will be used to manage and control those events that could have a negative impact on DLIS. It’s the controlling document for managing and controlling all project risks. This plan will address:
• Risk Identification
• Risk Assessment
• Risk Mitigation
• Risk Contingency Planning
• Risk Tracking and Reporting
Appendix A will present the risk impact assessment matrix and appendix B will present a sample of the risk register.
1.1 Introduction
With the development of computer networks, the spread of malicious network activities poses great risks to the operational integrity of many organizations and imposes heavy economic burdens on life and health. Agencies within and those that supports the federal government are particularly at substantial risk for cyber attacks. Therefore, risk assessments are very important for network security management and analysis. The DLIS systems that connect via LAN and WLAN with the DLA network will be within the scope of this assessment.
1.2 Scope
The scope includes the DLIS information systems and network. It also includes the personnel operating with the DLIS information systems and network. These personnel and upper management are responsible for the implementation and maintenance of the recommendations made herein. Further, the boundaries include the DLIS information systems including the information stored digitally and transmitted within the network components. Critical areas are the web, databases and firewalls.
2 Roles and Schedule
2.2 Risk Responsibilities
The responsibility for managing risk is shared amongst all the stakeholders of the project. However, decision authority for selecting whether to proceed with mitigation strategies and implement contingency actions, especially those