Risk Management
New technology can be good and bad at the same time. Often time’s new technology can open up new doors for hackers because new software will have to be installed with the new technology. Another threat can be new regulations and laws. The reason being, often times we may not know the new regulations and end up with a fine. Some common techniques to recover from an attack are risk mitigation and risk avoidance. Risk mitigation is when the use of various controls may reduce identified risks. The other is risk avoidance. This is making the choice not to take a risk from the beginning. Like, a company deciding to not do business depending on the organization.
Compare and contrast qualitative risk analysis and quantitative risk analysis, and provide examples identifying a situation when each would be useful.
Qualitative risk analysis is when the type of risk is predicted on the amount of impact it has on the company. Quantitative risk analysis is a type of risk analysis that determines the amount of money the risk will cost. The similarities are they both show the effect it will have on the company. One will determine the impact and the other the amount of money the impact will cost.
Mitigating Risk
Please respond to the following:
Provide and explain an example of an information technology security threat. Analyze how administrative, detective, preventative, and corrective could be used to mitigate the threat.
All have their own purpose if a threat occurs. Administrative will look at the treat and determine which steps to take. Detective will show the threat and a series of actions are required. Preventive will hopefully stop the threat before it causes damage. If a threat does occur and damages the system then the corrective tool will kick in. This tool will help fix the damage the threat caused. All these steps are needed to properly manage a threat.
A Business Impact Analysis (BIA) determines the extent of the impact that a particular
Compare and contrast qualitative risk analysis and quantitative risk analysis, and provide examples identifying a situation when each would be useful.
Qualitative risk analysis is when the type of risk is predicted on the amount of impact it has on the company. Quantitative risk analysis is a type of risk analysis that determines the amount of money the risk will cost. The similarities are they both show the effect it will have on the company. One will determine the impact and the other the amount of money the impact will cost.
Mitigating Risk
Please respond to the following:
Provide and explain an example of an information technology security threat. Analyze how administrative, detective, preventative, and corrective could be used to mitigate the threat.
All have their own purpose if a threat occurs. Administrative will look at the treat and determine which steps to take. Detective will show the threat and a series of actions are required. Preventive will hopefully stop the threat before it causes damage. If a threat does occur and damages the system then the corrective tool will kick in. This tool will help fix the damage the threat caused. All these steps are needed to properly manage a threat.
A Business Impact Analysis (BIA) determines the extent of the impact that a particular