rephrasing this content

Feb 6th, 2015

Question description

I want someone to rephrase this content

The Risk Management Framework consists of five fundamental activity stages:

1. Understand the business context: During this stage, the analyst must extract and describe business goals, priorities, and circumstances in order to understand what kinds of software risks to care about and which business goals are paramount. The purpose of this stage is to gather data to answer all of the important questions.

2. Identify the business and technical risks: The purpose of this stage is identifying risks to help clarify and quantify the possibility that certain events will directly impact business goals. The severity of a business risk should be expressed in financial or project management terms. Business risk identification helps to define and steer use of particular technical methods for extracting, measuring, and mitigating software risk given various software artifacts. It is also important to recognize technical risks. Technical risk identification is supported by the software security touch points.

3. Synthesize and prioritize the risks, producing a ranked set: This stage prioritizes the risks. The prioritization process must take into account which business goals are the most important to the organization, which goals are immediately threatened and how likely technical risks are to manifest themselves in a way that impacts the business. This stage creates as its output lists of all the risks and their appropriate weighting for resolution.

4. Define the risk mitigation strategy: This stage creates a coherent strategy for mitigating the risks in a cost-effective manner. Any mitigation activities must be constrained by the business context and should consider what the organization can afford, integrate and understand. The strategy must also directly identify validation techniques that can be used to demonstrate that risks are properly mitigated.

5. Carry out required fixes and validate that they are correct: This stage involves carrying out the validation techniques previously identified. The validation stage proves whether the risks have been properly mitigated through artifact improvement and that the risk mitigation strategy is working. Typical metrics during this stage include artifact quality metrics as well as levels of risk mitigation effectiveness.

This Risk Management Framework restarts continuously so that newly arising business and technical risks can be identified and the status of existing risks currently undergoing mitigation can be kept up.

McGraw, G. (2006). Software Security: Building Security In. Upper Saddle River, NJ: Addison-Wesley.
