IS3110 Risk Management
1. Why is it important to prioritize your IT infrastructure risks, threats, and vulnerabilities?
Answer : The importance of to prioritizing risks in an IT infrastructure, is because you must be aware of what are the risks, the threats, and vulnerabilities to your infrastructure. By prioritizing immediately you know where the weakest point in your network is, and it can be addressed more quickly, to lessen the chance of a break in.
2. A quality IT Risk Mitigation Plan will include details on costs, risk prioritization, and accompanying schedule. For risk prioritization, what influence would the industry your organization operates in have on prioritizing your identified risks, threats, and vulnerabilities?
Answer :Many different companies have different way they approach things and prioritize. What is important to my company, might not be necessarily important to other companies. For example, a medical facility that deals with patient information has to comply to HIPPA while on the other hand would different priorities would exist for a Financial institutions would have to comply to SOX
3.What questions would you bring to executive management prior to finalizing your IT risk mitigation plan?
Answer : How long is implementation going to take? What is the predicted down time or chances of a failed change? Do we need other teams to be on standby in case of a worst case scenario?
4.What is the difference between short-term and long-term risk mitigation tasks and on-going duties?
Answers :
Short-term mitigation tasks are risks that can be solved or repaired very rapidly and will not have long term effects on the company,
Long term mitigation tasks are risks that cannot be solved quickly and have other harsh repercussions on the network team, not to mention fines if they involve compliance issues.
On-going duties are the daily duties that must be done in order for the company to perform with minimal risks.
5. Which of the seven domains of a
Answer : The importance of to prioritizing risks in an IT infrastructure, is because you must be aware of what are the risks, the threats, and vulnerabilities to your infrastructure. By prioritizing immediately you know where the weakest point in your network is, and it can be addressed more quickly, to lessen the chance of a break in.
2. A quality IT Risk Mitigation Plan will include details on costs, risk prioritization, and accompanying schedule. For risk prioritization, what influence would the industry your organization operates in have on prioritizing your identified risks, threats, and vulnerabilities?
Answer :Many different companies have different way they approach things and prioritize. What is important to my company, might not be necessarily important to other companies. For example, a medical facility that deals with patient information has to comply to HIPPA while on the other hand would different priorities would exist for a Financial institutions would have to comply to SOX
3.What questions would you bring to executive management prior to finalizing your IT risk mitigation plan?
Answer : How long is implementation going to take? What is the predicted down time or chances of a failed change? Do we need other teams to be on standby in case of a worst case scenario?
4.What is the difference between short-term and long-term risk mitigation tasks and on-going duties?
Answers :
Short-term mitigation tasks are risks that can be solved or repaired very rapidly and will not have long term effects on the company,
Long term mitigation tasks are risks that cannot be solved quickly and have other harsh repercussions on the network team, not to mention fines if they involve compliance issues.
On-going duties are the daily duties that must be done in order for the company to perform with minimal risks.
5. Which of the seven domains of a