logo

Information Assurance and Risk Management

This page contains the Learning Resources for this week. Be sure to scroll down the page to see all of this week's assigned Learning Resources. In Week 2, you will use a variety of resources. This page outlines the resources that you will need to participate in the Discussion and to complete the Assignment.

8 Pages1750 Words291 Views
   

Added on  2022-11-30

About This Document

This document discusses the risk identified in the information system, the skill set needed by the team, determination of skill set of prospective team members, critical items needed for consideration while team formation, function of information security for fitting into larger organizational structure, and roles and responsibility of stakeholders.

Information Assurance and Risk Management

This page contains the Learning Resources for this week. Be sure to scroll down the page to see all of this week's assigned Learning Resources. In Week 2, you will use a variety of resources. This page outlines the resources that you will need to participate in the Discussion and to complete the Assignment.

   Added on 2022-11-30

ShareRelated Documents
Running head: INFORMATION ASSURANCE AND RISK MANAGEMENT
Information Assurance and Risk Management
Name of the Student
Name of the University
Author’s Note
Information Assurance and Risk Management_1
1
INFORMATION ASSURANCE AND RISK MANAGEMENT
Table of Contents
Risk Identified in the Information System.......................................................................................2
Skill Set needed by the team............................................................................................................2
Determination of skill set of prospective team members................................................................3
Critical items needed for consideration while team formation........................................................4
Function of information security for fitting into larger organizational structure............................4
Roles and responsibility of stakeholders.........................................................................................5
References........................................................................................................................................6
Information Assurance and Risk Management_2
2
INFORMATION ASSURANCE AND RISK MANAGEMENT
Risk Identified in the Information System
The IT security governance system is needed to be implemented in the organization after
examining the security policy and the environment where the system would work. The security
policy enforcement is not enough for securing the entire network of the organization. For the
integration of the information system with business process robust security program is required
that would map the business drivers, regulatory and legal requirements and threats. The main risk
associated with the system is collection and sharing of data about security breaches and quantify
the cyber security for taking better decision about security investment that is needed for
managing the business (Guo, 2013). The new security control measures are needed to be
evaluated and an open ports of the servers and out dated application are needed to be identified
such that it does not help the attacker to access the information residing on the server. The
identified risk can be categorized into accidental or deliberate threats. The deliberate threats are
those which does not have a direct effect on the information system and it can be denial of
service, eavesdropping, unauthorized database access, sabotage, etc. The accidental threats
acting on the system are directly connected and it can be found during the development of the
system (Bernardo, 2018). The accidental threats can occurs to minor mistake made by the
development team members or unavailability of any resources. The old security controls can also
be exploited by the hackers for finding the weakness of the system and performing illegal
activities.
Skill Set needed by the team
For the team involved in the development process of information security governance
system the requirement of the information system is needed to be clearly stated. The business
Information Assurance and Risk Management_3

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Risk Management VIC Contents Introduction
|14
|3625
|201

ITC596 - VIC Government - Security Risks and Concerns
|12
|3080
|34

(solved) IT Risk Management PDF
|15
|3652
|47

IT Security Risk Management - Case Study Of VIC Government
|14
|3441
|46

ITC596 - IT Risk Management | Victorian Government
|19
|3163
|41

iT Security
|17
|5127
|60