Critical Thinking

User Generated

YNSYBS114

Computer Science

Description

You are a senior information technology analyst at your company, or at a company you are familiar with. You have been charged with the task of developing a detailed risk assessment methodology. For this assignment, you should submit a report in which you discuss various risk assessments methodologies, then adopt a methodology and strongly justify your selection.

Unformatted Attachment Preview

ou are a senior information technology analyst at your company, or at a company you are familiar with. You have been charged with the task of developing a detailed risk assessment methodology. For this assignment, you should submit a report in which you discuss various risk assessments methodologies, then adopt a methodology and strongly justify your selection. Your well-written paper should meet the following requirements: • • • Be 4-5 pages in length, not including the title and reference pages. Include two external references in addition to the textbook. The Saudi Digital Library is a good source for resources. Your paper must follow academic writing standards and APA style guidelines, citing references as appropriate.
Purchase answer to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

Here's the answer. Kindly let me know if any edits will be required.

Running Head: Risk Assessment Methodologies

Risk Assessment Methodologies
Name
Institutional Affiliation

1

Risk Assessment Methodologies
a)

2

National Institute of Standards and Technology (NIST) Methodology

NIST is the standardized information technology risk assessment methodology provided
by the Federal Government of United States. The guidelines of NIST method are documented in
a special publication (SP) 800-30, which is under the title of the “Risk Management Guide for
Information Technology.” Additionally, the NIST approach is a qualitatively designed method
that is founded on the ability of highly technologically competent security analysts working in
collaboration with computer and network system owners and their technical team of experts
(Spears, & Barki, 2010). Moreover, these highly trained security analysts collaborate with the
owners and the managers of the information technology systems in ensuring that security of such
IT systems is maintained.
The NIST procedure features great extensiveness and comprehensiveness in addressing
of every security detail. For instance, NIST is very effective in the identification of the
immediate source of security threat in an occasion of attacks on IT systems. Secondly, NIST is
very fit for security evaluation which a key tool that is crucially utilized by security experts in
identifying security breaches and determine the level of security of an information technology
systems. The evaluation of an IT system is a crucial exercise which leads to the identification of
security loopholes that can be targeted by the malicious attackers (Peltier, 2005). Thirdly, NIST
is an effective assessment tool perform that is encountered.
Besides, the approach is made up of 9 main steps, which are discussed as follows. The
first step is system characterization in which various features of the IT systems belonging to
different owners are utilized to identify the distinct features of an IT system, which is conducted
through study. Threat identification is the second...


Anonymous
Very useful material for studying!

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Related Tags