Learning Objective: Use risk management techniques to identify and prioritize risk factors for information assets.
The Mesusa Corporation has three information assets (provided by your professor) to evaluate for risk management as listed below. Create a ranked list of risk associated with the four vulnerabilities. You can begin with the columns from the Ranked Vulnerability Risk worksheet (Asset, Impact, Vulnerability, Likelihood), determine the risk rating, then include percentage of current control and the uncertainty rate to come up with a final risk -rating estimate. Use the formula as described in this chapter. From your results, determine in what order the three assets be evaluated for additional controls. Include your worksheet and interpretation of the results.