Description of this paper

Loading

Your consulting organization has been hired to develop computer-(Answered)

Description

Step-by-step Instant Solution


Question

Your consulting organization has been hired to develop computer systems for the United Nations in the Middle East.

Create?a Risk Information Sheet for at least five potential risks that should be considered.? At least three of the risks you choose should be business continuity and IT disaster recovery related.? As part of this, consider man-made and natural risks that might apply to this particular situation.?

Please?note?the following:

  • The risk description should fully describe the risk
  • The probability is the likelihood that the risk will occur (i.e., low, medium, or high)
  • The impact is how the organization will be effected if the risk does occur (i.e., low, medium, or high)
  • The rationale should explain the reasons for your probability and impact assessments
  • The mitigation strategy should explain how each risk will be addressed
  • There should be one risk information sheet for each risk identified
  • The risk information sheets can be completed in Word, Excel?, or PowerPoint?

The results of your assessment for each risk should be plotted in a Risk Matrix.? One axis should be probability, while the other axis should be impact. The overall risk level will be the intersection of these two factors on the matrix. The risk assessment matrix can be completed in your choice of Word, Excel?, or PowerPoint?.



This is what I have so far.


1

 


 

United Nations Risk Assessment

 

Chad M. Gartman

 

CMGT/442 Information Systems Risk Management

 

May 21, 2016

 

David Conway

 


 

2

 


 

RISK INFORMATION SHEET #1

 

Risk Description: Human factor: Accidental deletion and corruption of files

 

Probability: Low

 

Impact: High

 

Rationale:

 

Risk Mitigation: Ensure personnel are adequately trained and only give access to sensitive

 

information to those employees who require it.

 


 

RISK INFORMATION SHEET #2

 

Risk Description: Terrorism/Hacking: Network unsecure allowing cyber terrorist access to

 

highly sensitive information

 

Probability: Low

 

Impact: High

 

Rationale:

 

Risk Mitigation: Cyber terrorists will use many different methods of acquiring information

 

such as phishing, DDoS (Distributed Denial of Service) and APT (Advanced Persistant

 

Threats) attacks. The information security team (IT) will have to ensure the latest and greatest

 

security software and hardware is installed and updated. Employees will need to make sure

 

they have strong passwords and don?t visit any unauthorized websites as dictated in the annual

 

security training program.

 


 

RISK INFORMATION SHEET #3

 

Risk Description: Earthquakes: Major loss of data due to damage/loss of equipment

 

Probability: Low

 

Impact: High

 

Rationale:

 

Risk Mitigation: Assets in the server room need to be secured to the wall using earthquake

 

straps thus negating equipment falling off of shelves

 


 

RISK INFORMATION SHEET #4

 

Risk Description: Fire/smoke/water: Physical loss of assets due to fire, smoke and water

 

damage.

 

Probability: Low

 

Impact: High

 

Rationale:

 

Risk Mitigation: To protect against fire, smoke detectors will need to be installed throughout

 

the facility. Make sure the facility has adequate ventilation to vent smoke. Water damage can

 

be hard to control, but in the event of a flood, making sure equipment is located high enough

 

will provide adequate protecton.

 


 

3

 


 

RISK INFORMATION SHEET #5

 

Risk Description:

 

Probability:

 

Impact:

 

Rationale:

 

Risk Mitigation:

 

Your consulting organization has been hired to develop computer systems for the United

 

Nations in the Middle East. Develop a list of man-made and natural risks that might

 

apply to this particular situation. Explain each risk in detail.

 

Answer:

 

I'm sure there are a ton of risks, but I came up with a few off the top of my head.

 

Natural

 


 

Fire - Loss of data. A good continuity of operation plan should be in place

 


 


 


 

Earth Quake - Loss of data. A good continuity of operation plan should be in

 

place

 


 

Man-made

 


 


 


 

Terrorism - Sensitive information is leaked to the enemy, which becomes a

 

national security issue

 

Human factor - file/data deletion or corruption of sensitive information

 


 

I think any risk cannot be managed without identifying what the risk is and assessing the

 

severity and likelihood of it occurring. The information gathered during risk identification

 

and evaluation will identify the specific strategy or strategies to manage the risk.

 


 

 

Paper#9256374 | Written in 27-Jul-2016

Price : $16
SiteLock