Submission Requirements
Format: Microsoft Word
Your last name must be in the filename of your submitted document, according to the assignment naming standard: IS3110_Lab2_Lastname_First
Email to: SMichnick@itt-tech.edu
Due By: 6:00 PM CDT, Wednesday July 2, 2014
Note: Emails received after the due date will be marked LATE and are subject to a grade penalty of 10% for each week they are late.
Pages 11-17 of the IS3220 Student Lab Manual
Lab #2 – Align Risk, Threats, & Vulnerabilities to COBIT PO9 Risk Management Controls
Learning Objectives and Outcomes
Upon completing this lab, you will be able to:
Define what COBIT (Control Objectives for Information and related Technology) PO9 Risk Management is for an IT infrastructure
Describe the 6 control objectives of COBIT PO9 which are used as benchmarks for IT risk assessment and risk management
Relate how threats and vulnerabilities align to the COBIT PO9 Risk Management definition for the assessment and management of IT risk
Use the COBIT PO9 controls as a guide to define the scope of risk management for an IT infrastructure
Apply the COBIT PO9 controls to help plan and organize the identified IT risks, threats, and vulnerabilities and the on-going management and remediation operation requirements
Overview
Think of the COBIT framework as a giant checklist of what IT or risk management auditors would do if they were going to audit how your organization approaches risk management for your IT infrastructure. COBIT PO9 defines 6 control objectives for assessing and managing IT risk within four different focus areas.
The first lab task is to align your identified threats and vulnerabilities from Lab #1 – How to Identify Threats and Vulnerabilities in Your IT Infrastructure.
Lab Assessment Questions & Answers
Given the scenario of a healthcare organization, answer the following Lab #1 assessment questions from a risk management perspective:
1. From the identified threats & vulnerabilities from Lab #1 –