UNH Information Security Planning Scope & Structure for IT Risk Management Plan Lab Report

mzna2712

Computer Science

University of New Haven

Description

I need to complete the lab assessment and report. I will be posting the screenshots now.

Explanation & Answer

Check this out 👍 Please let me know if you have any questions or if you need to make changes. Thanks 😀 Please let me know when you want me to write the discussion.

Lab Report Outline
Introduction
Risk Management Process
Plan
Identify
Assess
Respond
Monitor
Risk Categorization
Risk Management Plan


Lab Report

Introduction
This report presents a risk management exercise based on industry best practices. The following
sections include the theoretical framework, a real-world assessment, and a plan for managing the
risk levels.
Risk Management Process
Five sections make up the risk management process: plan, identify, assess, respond, and
monitor. These sections provide a systematic framework for managing risk.
Plan
Planning is the key step in preparing for a risk management exercise. A plan includes all the
components of a risk management exercise, which could vary in scale or complexity. The plan
includes information on how to perform the exercise and utilize the resources when the situation
becomes a reality.
Identify
Identifying the risks and characterizing them is a critical step, so the team can get to solving the
problems as soon as possible. Each risk should be identified and characterized, so the risk could
be managed using a lifecycle approach.
Assess
The next phase is to characterize the risk in terms of severity, and the damage that could be
caused by the threat. In the lifecycle approach to risk management, the risks with the highest
levels of severity should be prioritized for a solution.
Respond
In the next phase, the risks should be addressed with an intervention. The solution could be a
technical solution or an administrative solution, or a combination of solutions, which could be
optimized for the threat. Some threats could be remedied easily, while others could require an
elaborate change of systems.
Monitor
Following the deployment of the solution, it is critical to monitor the system to ensure that the
threat is effectively managed within the lifecycle approach to risk or threat management.

Risk Categorization
20 real-world risks that span 7 domains are presented in Table 1. Besides the categorization of
the domain, the discussion also includes the management strategy for dealing with the risk.

Table 1. Risk Management
Sl # | Risks, Threats, and Vulnerabilities | Domain
---- | ----------------------------------- | ------
1    | Unauthorized access                 | User
2    | Hacker penetration                  | Server
3    | Circuit outage                      |
4    | Software vulnerability              |
5    | E-mail DOS                          |
6    | Remote communications               |
7    | W/station browser                   |
8    | Weak traffic filtering progress     |
9    | WLAN access points for LAN          |

Management Strategy (rows 1-2): Policy; Software & Monitoring; Intrusion Detection; Server Configuration
...

