LAB 3
Lab #3: Assessment Worksheet
Lab Assessment Questions:
What is the goal or objective of an IT risk management plan?
A list of threats
A List of vulnerabilities
Costs associated with risks
A list of recommendations to reduce the risks
Costs associated with recommendations
A cost-benefit analysis
One or more reports What are the five fundamental components of an IT risk management plan?
The components of a Risk Management Plan are:
Risk Identification
Risk Analysis
Risk Evaluation
Risk Monitoring
Review
Define what risk planning is.
Risk planning is developing and documenting organized, comprehensive, and interactive strategies and methods for identifying risks.
What is the first step in performing risk management?
In a risk management plan you must first, establish the objectives.
What is the exercise called when you are trying to identify an organization’s risk health?
When trying to identify an organization’s risk health, you would use the Health Risk Assessment exercise.
What practices helps reduce or eliminate risk?
Risk Management.
What on-going practice helps track risk in real-time?
Risk Mitigation
Given that an IT risk management plan can be large in scope, why is it a good idea to develop a risk management plan team?
Scope identifies boundaries. So, if the plan is that large in scope, a team would work obviously together and not against to maintain its structure in nature and have consensus.
Within the seven domains of a typical IT infrastructure, which domain is the most difficult to plan, identify, assess, remediate, and monitor?
LAN-WAN
From your scenario perspective, with which compliance law or standard does your organization have to comply?
NERC-CIP Compliance: (critical infrastructure protection) plan is a set of requirements designed to secure assets vital to reliably operating North America's bulk electric system. How did the risk identification and risk assessment of the identified risks, threats, and
Lab Assessment Questions:
What is the goal or objective of an IT risk management plan?
A list of threats
A List of vulnerabilities
Costs associated with risks
A list of recommendations to reduce the risks
Costs associated with recommendations
A cost-benefit analysis
One or more reports What are the five fundamental components of an IT risk management plan?
The components of a Risk Management Plan are:
Risk Identification
Risk Analysis
Risk Evaluation
Risk Monitoring
Review
Define what risk planning is.
Risk planning is developing and documenting organized, comprehensive, and interactive strategies and methods for identifying risks.
What is the first step in performing risk management?
In a risk management plan you must first, establish the objectives.
What is the exercise called when you are trying to identify an organization’s risk health?
When trying to identify an organization’s risk health, you would use the Health Risk Assessment exercise.
What practices helps reduce or eliminate risk?
Risk Management.
What on-going practice helps track risk in real-time?
Risk Mitigation
Given that an IT risk management plan can be large in scope, why is it a good idea to develop a risk management plan team?
Scope identifies boundaries. So, if the plan is that large in scope, a team would work obviously together and not against to maintain its structure in nature and have consensus.
Within the seven domains of a typical IT infrastructure, which domain is the most difficult to plan, identify, assess, remediate, and monitor?
LAN-WAN
From your scenario perspective, with which compliance law or standard does your organization have to comply?
NERC-CIP Compliance: (critical infrastructure protection) plan is a set of requirements designed to secure assets vital to reliably operating North America's bulk electric system. How did the risk identification and risk assessment of the identified risks, threats, and