ipl-logo

Risk Management Risk Analysis Paper

1412 Words6 Pages

The IT infrastructure of a communications company is very challenging; it has to support multiple services for internal and external customers. For internal users such as employees it provides email, printing, and file and data storage. External users, the customers of the communications company have a web interface that also provides email and data storage; however, this is different segment of the IT infrastructure. Additionally, customers have access to account information and have the ability to pay their communications bill.
Scope, Goals and Objectives
The scope of the audit will include five core resources; these are the data, applications, technology, facilities and personnel. The goal of the audit is to evaluate and assess the five …show more content…

To effectively manage risk there are four critical steps to the process; the first step is assessing the IT security and determining the risk and then performing risk management. The next is threat analysis which evaluates the actual threats to the IT environment. The next is vulnerability analysis; this step focuses on identifying the vulnerabilities that exist in the environment. The last major step is risk assessment analysis; this is the process in which the entire process is used to determine the overall risk of the environment.
Several methods and process can be used to perform risk management, the methodology that will be used for the communications company is the NIST 800-30. This process focuses on a nine-step process, this process begins with identifying the systems in the environment; this is known as System characterization. The next step is the identification of potential weaknesses within the environment better known as Threat identification. The third step is Vulnerability identification, this is the process in which the vulnerabilities or weakness that can be exploited are identified and …show more content…

This process first requires that all potential threats are identified. From there they are broken down into categories; Adversarial, Accidental, Structural and Environmental. After they are categorized they should be classified; generally this is done using a status of low, medium or high. This step focuses on the threat along with the likelihood of the threat occurring. This helps assessing risk by determining how likely a threat may occur thus increasing or decreasing the risk to the IT

Show More
Related

WGU Est1 Task 3

843 Words | 4 Pages

Portfolio Kris Corporation has asked IT Consultants to draft a proposal to address a number of the concerns Kris Corporation has with its current network. Kris Corporation is running Server 2008, with a parent domain and a child domain. There is a concern that this current configuration is not the most efficient. Kris Corporation would like one identity to obtain orders in real time. Kris Corporation has five locations, and the manufacturing plants are in two sites.

Read More

Nt1330 Unit 3 Assignment

571 Words | 3 Pages

Telestax Inc. and Bandwidth.com Inc. Partner to Deliver Integrated Communications and Collaboration Solutions to the Enterprise and Telecom Carrier Market Telestax and Bandwidth.com’s offering will help organizations to quickly build, scale, and deploy cloud-based collaboration solutions. Austin, Texas - October XX, 2015 - Telestax, a leader in collaboration middleware solutions, has entered into a joint sales and integration alliance with Bandwidth, a leading communications company, to expand functionality and interoperability of each companies collaboration solutions onto the Restcomm middleware platform. Through this partnership, Telestax will have the ability to provide its telecoms and enterprise customers and partners with an expanded

Read More

Nt1310 Unit 3 Network Analysis

336 Words | 2 Pages

I will be able to develop the network architecture for various clients and also install, deploy, maintain, troubleshoot product and test services according to their needs. Client requirements may be at local, wide area or an organization level. This will help me to interact with the end user and will help me know their demands. Interaction will be among the users, infrastructure vendors like Internet service providers, software vendors who together make up a communication network and integrate services in them and keep the communication system

Read More

Unit 7 Homeland Essay

360 Words | 2 Pages

Unit 7 Homeland Question 1 Explain how the Homeland Security Assessment process follows the Council on Competitiveness Business Model. To define the Council on Competitiveness Business Model, the text (Fisher) defines it as, a nonpartisan, nonprofit organization whose members are corporate chief executives, university presidents, and labor leaders dedicated to setting an action agenda to drive U.S. economic competitiveness and leadership in global markets (Fisher, 2013, p. 197). Within most any organization, risk management is a key strategic area that is a critical area in today’s business world. It’s the ability of recognizing, studying and discussing those risk factors and determining strategies to avoid, move or control the risk to an

Read More

The Alabama National Guard: System Analysis

861 Words | 4 Pages

Additionally, operations are often conducted away from the office, or in austere environments utilizing mobile broadband and laptop computer. Having access to the organizations data in an organized efficient manner is essential. Finally, a centralized knowledge management system allows organizations to share and collaborate much

Read More

Eliminating Errors In Release Of Information (ROI)

739 Words | 3 Pages

The second step is to test that workflow and conduct a risk assessment. Once asssessed corrective actions must be taken to close any privacy or security gaps in release of information workflow. As workflow is tightened, a throughout risk assessment can be conducted. Risk assessments are best if they employ a combination of internal and external assessments. With mobile devices giving anytime, anywhere access to virtual HIM departments, the traditional physical access controls are no longer adequate.

Read More

Protiviti Case Study Examples

1164 Words | 5 Pages

An IT audit is the examination and evaluation of an organization's information technology infrastructure, policies and operations. Information technology audits determine whether IT controls protect corporate assets, ensure data integrity and are aligned with the business's overall goals. 1.2.2 Objectives IT audit objectives concentrate on substantiating that the internal controls exist and are functioning as expected to minimize business risk. These audit objectives include assuring compliance with legal and regulatory requirements, as well as the confidentiality, integrity, and availability.

Read More

Case Study 1 Florida Department Of Management Services Part 1

1028 Words | 5 Pages

Case Study 1: Florida Department of Management Services, Part I James Carter Strayer University Dr. Richard Brown January 28, 2018 Abstract This paper address’s Florida’s Department of Management Services attempt to build a large information network. In this paper I will thoroughly analyzed the security mechanisms needed to protect the DMS systems from both state employees and users accessing over the Internet, thoroughly critique the transition process performed by the DMS in the case study and recommend two (2) alternatives to the IP infrastructure or applications not already mentioned in the case study. I will also thoroughly critiqued the merits of the major services found on the DMS Website, and thoroughly recommended an additional service to add to the DMS Website.

Read More

Porter's Five Forces Analysis Of Verizon

750 Words | 3 Pages

Information technology is more than just computers. Today, information technology must be conceived of broadly to encompass the information that businesses create and use as well as a wide spectrum of increasingly convergent and linked technologies that process the information. In addition to

Read More

Target Risk Management Case Study

908 Words | 4 Pages

The risk management process establishes the methodology for risk enterprises framework for the of many businesses (Fraser & Simkins, 2010). A retail business such as Target needs to do a risk assessment to establish the types of risks being faced by the organization. The risk assessment process starts with the identification and categorization of risk factors. High customer interaction of the retail businesses like Target, need to identify risk as a continuous basis effort over the lifetime of the business (Mandru, 2016). It important that the business leaders, set goals and priorities for the risk management system.

Read More

Target Risk Management

884 Words | 4 Pages

Risk events at Target stores can be very damaging to the business. Violence at a Target store can manifest in a number of scenarios resulting in a loss. Even though most retail stores locations rely heavily on the local authorities to respond and provide an immediate resolution to violent incidents at the Target stores, it is important for the risk management team at the organization to have a plan for prevention and mitigation of these incidents (Pearson, 2005). When there is a violent incident at a store location, losses associated with this incident will not only affect the store where the incident occured but it will affect the entire organization. The losses are not only financial but there will be a decrease in employee job satisfaction

Read More

COBIT V4.1 Framework

993 Words | 4 Pages

For each of the threats and vulnerabilities from the Identifying Threats and Vulnerabilities in an IT Infrastructure lab in this lab manual (list at least three and no more than five) that you have remediated, what must you assess as part of your overall COBIT P09 risk management approach for your IT infrastructure? Denial of service attack- close the ports and change the passwords. Loss of Production Data- Backup the data and restore the data from the most recent known safe point. Unauthorized access Workstation-

Read More

Summary Of Alaska Air's Six Sigma Framework

2023 Words | 9 Pages

With the use of this framework in reengineering its call centers and the automation of manual processes through call centers. Malaysia Airlines was able to achieve the following: Cutting call center costs by 18% and tripling sales, through phone, e-mail, fax, and web chat they were able to service customers, Interactive voice response or online ticket payment, and Tracking of agent productivity done by managers. In doing the following, they were able to streamline their processes. Malaysia Airlines measure the strategic metric. It measures the functional goals so that Malaysia Airlines can boost their customer payment capabilities.

Read More

What Is The Pcnet Project Case Study

674 Words | 3 Pages

After reading the case study of the PCNet Project, we will examine how critical success factors apply to the case study. The first area is setting clear objectives for risk management. With this factor we set strategic, financial, operational, and other objectives during the strategic and annual planning processes and throughout the year for a company. With these objectives we need to ensure that there is the process of identifying risks to our objectives, evaluating the impact of those risks and choosing a response. Some of the actions the company needs to be ready to respond to are avoidance, mitigation, or acceptance.

Read More

IT Infrastructure Audit Case Study

2512 Words | 11 Pages

The primary cause of an IT infrastructure audit is to guarantee all IT resources available within a business or organization reach set goals and performance has been achieved while following the correct and the most appropriate processes. The specific objectives of undertaking an IT infrastructure audit may include: · Ensureing that the set infrastructure is compliant with the legal and regulatory requirements. · Ensuring that the IT infrastructure enforces the confidentiality of its corporate data. · Assessing whether the IT infrastructure in an organziation helps in attaining and maintaining data integrity.

Read More

More about Risk Management Risk Analysis Paper

Related Topics

Open Document