Description
Assignment Requirements
The Mesusa Corporation has three information assets (provided by your professor) to evaluate for risk management as listed below. Create a ranked list of risk associated with the four vulnerabilities. You can begin with the columns from the Ranked Vulnerability Risk worksheet (Asset, Impact, Vulnerability, Likelihood), determine the risk rating, and then include percentage of current control and the uncertainty rate to come up with a final risk -rating estimate. Use the formula as described in this chapter. From your results, determine in what order the three assets be evaluated for additional controls. Include your worksheet and interpretation of the results.
(3pages or more. Excluding cover page and reference page. APA citation style).
Explanation & Answer
Hello, attached is the draft that I have. I'm stuck at page 2 because I don't know what organizational assets your professor wanted analyzed in the paper. Please consider (if possible) extending my deadline to a considerable amount of time due to time differences (its 12:05 am here) and providing additional instructions. Kindly don't withdraw this question. :/
Running Head: Risk Management
1
RISK MANAGEMENT
[Name of Student]
[Affiliation]
[Date]
Risk Management
2
Risk Management
Likelihood
The likelihood is the general rating which is basically a numerical value on a definite scale (1-1.)
of the chances or probability that an identified vulnerability will achieve exploitation.
Weighted scores, can, therefore, be assigned based on the information that was documented in
the process of identifying risks where each value of each information asset is utilized, that is, 1100, where 1 stands for the lowest value, 50 the medium value and 100 the highest value
(Hoddinott & Quisumbing, 2010).
Assessing Potential Loss
To achieve effectiveness in the evaluation, assignment of values can be achieved by asking the
following:
•
Which threats pose a danger to the organizational assets in the given settings?
•
Which threats pose the highest danger to the information of the organization?
•
How much would recovery from a successful attack cost?
•
Prevention of which threats would incur the highest costs for the organizations?
•
Which of the above questions is the most significant in providing a way forward for the
protection of the organization’s information from threats?
Risk percentage reduced by current controls
An existing control can be set aside if it is effective in managing vulnerability completely. Partial
control, on the other hand, would require that the percentage of the controlled vulnerability be
estimated.
Risk Management
3
Uncertainty
Knowing everything about vulnerability is very difficult to achieve. The level to which risk can
be reduced by a current control can also be affected by estimation errors. As a result, equations
must always have the factors that make up for uncertainties added on to them. These factors
heavily rely on the managers to make them based on experience and sound judgment (Whitman
& Mattord, 2013).
Determination of Risk
Relative risk assessment, = (risk equals likelihood of vulnerability occurrence) x (value (or
impact)) – (percentage risk already controlled) + (an element of uncertainty).
Asset
Asset Impact
Vulnerability
Vulnerability
Risk-rating
Likelihood
Factor
Risk Management
4
References
Hoddinott, J., & Quisumbing, A. (2010). Methods for microeconom...
Review
Review
