
Components of Information Security Risk Management, Assurance and Compliance, and Countermeasures against Phishing Attack


Added on  2019-10-18

About This Document

This article discusses the different components of information security risk management, assurance and compliance, and countermeasures against phishing attack in Te Mata Estate. It covers topics such as risk avoidance, prevention, transfer, and retention, ethical issues, risk management controls and standards, and incident management. It also talks about the importance of preventive maintenance, software testing standards, and vulnerability assessment and testing.

Information Security
Task 1: Four components of information security risk management

Te Mata Estate is one of New Zealand’s oldest wine producers. Most of the activities of its system are automated in order to enhance the effective management of the supply chain. In 2008 and 2011, the company experienced some critical hitches in its information system. In 2008, a hacking incident took place which not only denied the administrator access to the system but also severely degraded the functionality of the whole system.

Risk management mainly involves prioritising risks, assessing risk, identifying threats and fixing them using various types of resources to minimize heavy losses. Effective risk management in Te Mata Estate creates value, which plays an important role in the decision-making process against upcoming threats.

a) Risk Avoidance: Mainly used to remove activities that involve risk; it takes an extreme approach to risk.
b) Prevention: Manage liabilities by designing activities and programs in a way that reduces and limits the risk.
c) Risk Transfer: By using insurance policies and identifying agreements, we transfer the risk to another party.
d) Risk Retention: Here we accept the risk as it is for a specific purpose.

The overall transaction process is also known as data processing. The transaction system mainly includes subsystems such as sales, production, purchasing, shipping, inventory, and payroll of the company. A transaction cycle is a set of interlocking business transactions. Due to the lack of process visibility, it is very tough to assess real progress through documented analysis in e-commerce. The risk is mainly related to the quality and amount of the available information: where information is lacking, the risk is higher. Different process models have different levels of risk.

Task 2: Assurance and compliance components

Many different types of ethical issues are present. They are normally divided into four categories, generally known by the acronym PAPA, which stands for Privacy, Accuracy, Property, and Accessibility.

a) In privacy, we mainly work on which data and information about an individual is exchanged and shared with other people under specific terms and conditions; it also helps in deciding what to keep safe and what to share with others.
b) In accuracy, we look at the validity of data and information, and find out who is responsible for errors in data and information and what the affected party lost.
c) In property, we try to find out the owner of the data and information and to fix the price for its exchange.
d) Finally, in accessibility, we mainly work on what type of data and information an individual or organization has the right to obtain under certain terms and conditions.

As we see, many problems occur due to communication problems between developers, managers, and customers. Currently, there are two main forces that put the privacy of individuals and organizations at major risk. The first is the sudden rise in the use of information technology, with new capabilities for communication, surveillance, and storage. The second, a more dangerous threat, is that information plays a major role in the decision-making process. Information leaks invade the privacy of individuals and organizations.

Task 3:

a) Risk management controls and standards

The new risk management standard has many definitions and approaches to managing the risk factor. The methods and theory developed in AS/NZS ISO 31000:2009 benefit the organization by helping it make confident and balanced decisions about all the risks that Te Mata Estate is going to face in the future. Data and information in the form of documents, presentations, emails, and databases are the lifeline of most companies, and the applications that protect and run your organisation require a lot of space. A wireless network can be easily compromised by using a shared key. Increasing dependence on IT has also increased the risk impact of IT on the overall business of the organization. Nowadays threats to IT services have increased because their vulnerabilities are exposed across the world.

b) Identify and analyse

Clause 5 of ISO 31000 defines the risk management process as “the systematic application of management policies, procedures, and practices to the activities of communicating, consulting, establishing the context, and identifying, analyzing, evaluating, treating, monitoring and reviewing risk” (ISO Guide 73:2009, definition 3.1).
ISO/IEEE/IEC29119 software testing is a benchmark set