Share
Explore BrainMass

Risk Management Threats

Now that your asset inventory is complete, you need to add your assessment of risk management and control effectiveness.
Write a 1100-1400 word paper in which you complete the following:
- Evaluate the effectiveness of the security technologies and methodology in your organization.
- Determine your uncertainty.
- Calculate the risk for each threat.
- Identify any additional controls needed. Remember that there are technical, administrative, and managerial controls.
- Describe the network security methodology and technology used in your organization.
- Describe the access control technology used in your organization.
- Include a discussion of what you learned this week and how this assignment has changed your opinion of security technology and the methodology

Solution Preview

Here is what I have so far. Still working away.

Now that your asset inventory is complete, you need to add your assessment of risk management and control effectiveness.
Write a 1100-1400 word paper in which you complete the following:
- Evaluate the effectiveness of the security technologies and methodology in your organization.
- Determine your uncertainty.
- Calculate the risk for each threat.
- Identify any additional controls needed. Remember that there are technical, administrative, and managerial controls.
- Describe the network security methodology and technology used in your organization.
- Describe the access control technology used in your organization.
- Include a discussion of what you learned this week and how this assignment has changed your opinion of security technology and the methodology
Risk Management is "..the process of identifying vulnerabilities and threats to the information resources used by an organization in achieving business objectives, and deciding what countermeasures, if any, to take in reducing risk to an acceptable level, based on the value of the information resource to the organization."( CISA Review Manual 2006)
The Risk Management Process involves several steps:
1) Context Establishment-Acquire all relevant information about the organization as well as the purpose, scope and boundaries of risk management activities. Establish the organization in charge of risk management activities. The purpose is to establish compliance with legal requirements and provide evidence of due diligence.
2) Risk Assessment-This is a reoccurring activity that involves an assessment of the vulnerabilities, threats, impact of loss and effectiveness of security measures.
3) Risk Treatment-This step involves selecting security measures which will reduce, retain, avoid and transfer risk. The product of this step will be a risk treatment plan
4) Risk acceptance-A criteria must be created to ...

Solution Summary

The expert calculates the threats in risk management. The network security methodology and technology for an organization is used.

$2.19