New York Institute Business Continuity & Disaster Recovery Plan Paper

User Generated

ivpxl227

Computer Science

Description

Information and Risk Management (IRM)

IRM entails procedures that are enacted by individuals or organizations in order to significantly reduce vulnerabilities, threats, and consequences of having unprotected data (Stevens, 2015). Following the rapid technology growth, cases of computer hacking are common. The crimes are facilitated by negligence in the management and handling of pertinent information.

Information can be stolen from the databases through physical or cyber means. Further, data loss is classified as either intentional or unintentional. Intentional threat occurs in situations where hackers invade organizations’ computer systems but with malicious intents. Unintentional threat, on the other hand, takes place where employees are negligent in handling information such as using weak passwords creating opportunities for cybercriminals to attack.

Managing information risks should start at a point where the organization understands all types of threats facing their databases. Additionally, firms should evaluate the types of vulnerabilities that their IT department could encounter. This should be followed by setting comprehensive IRM strategies: the approach should commence with creating awareness of the threats among the stakeholders.

Moreover, the firms should respond by employing technical controls; this entails features such as antivirus software, intrusion detection, and firewalls among others. The approaches could be reinforced through hiring a vendor risk management group that will be mandated to work closely with all third parties. The groups will be informed about the need to observe and abide by the set IRM policies (Whitman, Mattord, & Green, 2013).

In conclusion, in the contemporary world, information has been vulnerable to computer criminals such as hackers. It is thus upon the concerned firms to enact stringent measures that will increase data protection. Vigilant IRM policies should be put in place and observed by all stakeholders.

Question

Has the organization managements played part in increase in information risk in the modern world?

References

Stevens, M. (2015). What is Information Risk Management?

https://www.bitsight.com/blog/what-is-information-risk-management Retrieved on 23/08/2019

Whitman, M. E., Mattord, H. J., & Green, A. (2013). Principles of incident response and

disaster recovery. Cengage Learning.



No Plagarism

Provide References


User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

please check the work

Running Head: INFORMATION RISK MANAGEMENT

Information Risk Management
Name
Professor
Course
Date

INFORMATION RISK MANAGEMENT

To some extent, organizations management have contributed to the increase in the
information risks. Poor governance in an organization results in the reduced provision of
oversight, authoritative control, which are a vital foundation for the transparency in the
management of information. Blakley, McDermott and Geer (2011) notes that if the organization
management is not committed to maintai...


Anonymous
Great! 10/10 would recommend using Studypool to help you study.

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Similar Content

Related Tags