Preview

Unit3DiscussionRiskMgmtProcess

Satisfactory Essays
Open Document
Open Document
167 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Unit3DiscussionRiskMgmtProcess
Robert Jones
Unit 3 Discussion: Risk Management Process
7/1/2014
IS3110
Mr. Jackson

The step, that I believe is the most important in the risk management process, is vulnerability identification. A vulnerability is a weakness in the infrastructure or environment of the network. Any weakness can be exposed (exploited) and threatened. If vulnerabilities are not identified, then how can the Security Administrator properly set security policies and guidelines in place to protect the network? If he/she doesn’t know of the vulnerabilities, then they will never put things in place until some threat occurs to the network. Network vulnerabilities come in many forms and fashions, and must be identified to be properly mitigated.

One common vulnerability is the lack of or outdated antivirus software. We get the popup alerts and click it away, because that alert is so annoying. But what must be realized is that annoying popup is a warning alert telling the user that the local workstation or network has a weakness that needs to be addressed.

You May Also Find These Documents Helpful

  • Good Essays

    Global’s risk management approach was a key factor in the success of their efforts to protecting their client’s information assets. By utilizing risk management strategies Global was able to detect vulnerabilities where there were the most likelihood of threat and implement controls to detect and/or prevent breaches of the security controls. The risk management process ensured Global addressed security measures at all levels of the…

    • 515 Words
    • 3 Pages
    Good Essays
  • Good Essays

    You Decide- Sec572 Week 2

    • 577 Words
    • 3 Pages

    To develop network security strategies that will ensure that the organization's network is protected from both internal and external security risks. A summary of the steps I can take to mitigate the risk in the following areas: Denial-of-Service attacks (DoS), Distributed Denial-of-Service attacks (DDoS), Masquerading and IP Spoofing, Smurf attacks, Land.c attacks, Man-in-the-Middle attacks.…

    • 577 Words
    • 3 Pages
    Good Essays
  • Powerful Essays

    The policy begins with assessing the risk to the network and building a team to respond. Continuation of the policy requires implementing a security change management practice and monitoring the network for security violations. Lastly, the review process modifies the existing policy and adapts to lessons learned.…

    • 4827 Words
    • 20 Pages
    Powerful Essays
  • Good Essays

    Bsbpmg510A Kbq

    • 635 Words
    • 3 Pages

    Risk Management: While a new process or equipment may seem desirable this is not always the case due to the risks involved whether it be financial or otherwise. All these risks must be kept to a minimum through risk analysis in the planning and brainstorming phases or the new project could have a detrimental effect on the business or individuals.…

    • 635 Words
    • 3 Pages
    Good Essays
  • Good Essays

    The focus of the risk management plan is to provide an ongoing, comprehensive, and systematic approach to reducing risk exposures. Risk management activities include identifying, investigating, analyzing, and evaluating risks, followed by selecting and implementing the most appropriate methods for correcting, reducing, managing, transferring and/or eliminating them.…

    • 711 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    NT2580

    • 526 Words
    • 5 Pages

    All rights reserved. Page 6 Types of Vulnerabilities  Insecure servers or services  Exploitable applications and protocols  Unprotected system or network resources  Traffic interception and eavesdropping  Lack of preventive and protective measures against malware or automated attacks NT2580 Introduction to Information Security…

    • 526 Words
    • 5 Pages
    Satisfactory Essays
  • Satisfactory Essays

    ISSC363 Assignment 3

    • 586 Words
    • 2 Pages

    Conducting a thorough risk assessment is certainly one of the top priorities in the overall risk management program. It is a process of identifying and evaluating the risks that can have a negative impact on an organization. Once the risks have been successfully captured, they can be assessed and prioritized according to the severity of their potential impact. While every organization should have a continuous risk management program, a risk assessment is conducted at a given moment in time, and as such should be repeated on some predetermined schedule to reevaluate the risks and adjust as appropriate. To conduct an effective risk assessment, it’s important to be able to fundamentally describe of the purpose of a risk assessment, risk scope and identify critical areas for an assessment. Additionally, a methodology that is appropriate for the risk assessment should be selected.…

    • 586 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Facility owners, particularly owners of public facilities, should develop and implement a security risk management methodology which adheres to the Interagency Security Committee (ISC) standard while also supporting the security needs of the organization as a whole. The first action you need to take is a threat assessment before anything. The first step in a risk management program is a threat assessment. A threat assessment considers the full spectrum of threats (i.e., natural, criminal, terrorist, accidental, etc.) for a given facility/location. The ISC standard only addresses man-made threats, but individual agencies are free to expand upon the threats they consider. The assessment should examine supporting information to evaluate the relative likelihood of occurrence for each threat ("Threat/vulnerability Assessments And Risk Analysis",…

    • 603 Words
    • 3 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Is 305 Lab 1

    • 538 Words
    • 3 Pages

    One of the most important first steps to risk management and implementing a risk mitigation strategy is to identify known risks, threats, and vulnerabilities and organize them. The purpose of the seven domains of a typical IT infrastructure is to help organize the roles, responsibilities, and accountabilities for risk management and risk mitigation. This lab requires students to identify risks, threats, and vulnerabilities and map them to the domain that these impact from a risk management perspective.…

    • 538 Words
    • 3 Pages
    Satisfactory Essays
  • Satisfactory Essays

    risks we set in place procedures for what to do if they occur. These would be things like:…

    • 680 Words
    • 1 Page
    Satisfactory Essays
  • Satisfactory Essays

    I will assess all the risks through a risk assessment, which identifies risks and how I can managed them risks. Risk assessments are done all the time and these need to recorded and reported.…

    • 1480 Words
    • 4 Pages
    Satisfactory Essays
  • Powerful Essays

    Week 10 Technical Paper

    • 2283 Words
    • 10 Pages

    Every organization is faced with some risk or potential threat that could cause an interruption to the organization’s operations. These risks and threats can come from within or outside of the organization. To prepare for the worst that could happen, organizations must focus their attention on how to assess different types of risks to protect the organization from the possible negative effects to the daily operations. Performing a risk assessment is one of the most important steps in the risk management process (eHow, 2011).…

    • 2283 Words
    • 10 Pages
    Powerful Essays
  • Better Essays

    miss

    • 3131 Words
    • 13 Pages

    This is managed in the work setting by caring out a risk assessment. the risk assessment will include a list of any hazards, assessing the likelihood of the hazards posing a risk, estimating the severity of the consequences and developing an action plan to eliminate the hazards or minimise its affects through control measurements. For example the hazard is sunburn- control measurements are use sun cream and provide sun hats etc.…

    • 3131 Words
    • 13 Pages
    Better Essays
  • Good Essays

    The manager of my setting is responsible for the health and safety of the setting. If a member of staff wishes to report something to do with health and safety then they can either report it to the manager or the assistant manager or room leader.…

    • 1351 Words
    • 6 Pages
    Good Essays
  • Good Essays

    The first step in the process is the assessment of the situation. It is during this process that the determination is made whether there is an actual incident or a false positive and notifications are made (figure 2). Correctly assessing type of incident will determine the appropriate reaction strategy. This is accomplished by conducting internal scans of the systems, checking all logs, including IDPSs and host log files (Cichonski, Miller, Grace, & Scarfone, 2012). Once the incident has been correctly identified, the Chief Information Officer (CIO) and the Chief Information Security Officer (CISO) shall be notified of the incident. The next step is implement containment procedures to limit or stop the spread of the…

    • 805 Words
    • 3 Pages
    Good Essays