Risk Assessment for CloudXYZ Company using ISO/IEC 27001 Management of Information Security

This report focuses on the risk calculation procedure of CloudXYZ Company using ISO rules to improve security and management issues.

15 Pages | 3591 Words | 117 Views

Added on  2023-06-08

About This Document

This report provides a risk assessment for CloudXYZ Company using ISO/IEC 27001 Management of Information Security. It includes a deep understanding of the company's risk calculation procedure, asset and threat identification, vulnerability analysis, and risk management techniques.

CO4512
INFORMATION SECURITY MANAGEMENT
ABSTRACT
This report gives a detailed account of CloudXYZ Company's procedure for calculating risk, which
follows ISO rules. The risk assessment is performed to address the issues of improving security and
management. Potential risk is calculated depending on the quality and the quantity of the known
threats. The main purpose of calculating risk is to avoid system failure. In the scenario given here,
the risk assessment is conducted to reduce the investment made in improving system security, covering
cases in which data could be lost, fraudulent data could be supplied, or private information could be
stolen.
INTRODUCTION
ISO, the International Organization for Standardization, is an independent, private international
body made up of 161 national standards bodies. It was founded in February 1947 through the
combination of two renowned organizations:
1. United Nations Standard Coordinating Committee (UNSCC)
2. International Federation of National Standardizing Associations
The organization aims to ease the unification of industrial standards and international coordination.
The standards of ISO are as follows:
ISO 50001 Energy Management
ISO/IEC 27001 Management of Information Security
ISO/IEC 17025 calibration and testing laboratory
ISO 9001 Quality Management
In this assessment we have decided to use ISO/IEC 27001 Management of Information System
for the CloudXYZ Company. ISO/IEC 27001 Management of Information System defines a set of
standards that help any organization keep its resources secure (Hart et al. 2016).
With the use of CloudXYZ standardization, the information system can be managed securely,
as it holds the user data that is stored in the cloud. CloudXYZ has an authentication server
that is responsible for validating clients' credentials (username/account and password).
During authorization, the authorization server may interact with the client database, which
contains the customer data. Once verification is done, the customer is granted the right to
use the data stored in the cloud or to log in to the virtual server.
By using ISO/IEC 27001 Management of Information Security, CloudXYZ Company will be able to
assess the risks that could pose security threats to the privacy of users and their data, plan
accordingly so that those risks can be properly eliminated, and meet international standards
for information security.
The risk assessment will be performed in the steps mentioned below:
1. Selecting the right method for managing the risk
2. Evaluating the system for risk management
3. Identifying risks for system analysis
4. Monitoring and maintaining the system after the risk is eliminated
5. Implementing the risk management techniques
Figure 1: risk assessment with five stages
RISK ASSESSMENT
The process of risk assessment is to identify the risks, find methods for handling them, identify the
people affected by them, implement the risk elimination process, and monitor the system after the
risks are eliminated so that the best performance can be checked.